diff options
Diffstat (limited to 'toolkit/components/passwordmgr/LoginManagerContent.jsm')
-rw-r--r-- | toolkit/components/passwordmgr/LoginManagerContent.jsm | 1619 |
1 files changed, 1619 insertions, 0 deletions
diff --git a/toolkit/components/passwordmgr/LoginManagerContent.jsm b/toolkit/components/passwordmgr/LoginManagerContent.jsm new file mode 100644 index 000000000..60805530d --- /dev/null +++ b/toolkit/components/passwordmgr/LoginManagerContent.jsm @@ -0,0 +1,1619 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +"use strict"; + +this.EXPORTED_SYMBOLS = [ "LoginManagerContent", + "LoginFormFactory", + "UserAutoCompleteResult" ]; + +const { classes: Cc, interfaces: Ci, results: Cr, utils: Cu } = Components; +const PASSWORD_INPUT_ADDED_COALESCING_THRESHOLD_MS = 1; +const AUTOCOMPLETE_AFTER_CONTEXTMENU_THRESHOLD_MS = 250; + +Cu.import("resource://gre/modules/XPCOMUtils.jsm"); +Cu.import("resource://gre/modules/Services.jsm"); +Cu.import("resource://gre/modules/PrivateBrowsingUtils.jsm"); +Cu.import("resource://gre/modules/InsecurePasswordUtils.jsm"); +Cu.import("resource://gre/modules/Promise.jsm"); +Cu.import("resource://gre/modules/Preferences.jsm"); +Cu.import("resource://gre/modules/Timer.jsm"); + +XPCOMUtils.defineLazyModuleGetter(this, "DeferredTask", "resource://gre/modules/DeferredTask.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "FormLikeFactory", + "resource://gre/modules/FormLikeFactory.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "LoginRecipesContent", + "resource://gre/modules/LoginRecipes.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "LoginHelper", + "resource://gre/modules/LoginHelper.jsm"); +XPCOMUtils.defineLazyModuleGetter(this, "InsecurePasswordUtils", + "resource://gre/modules/InsecurePasswordUtils.jsm"); + +XPCOMUtils.defineLazyServiceGetter(this, "gNetUtil", + "@mozilla.org/network/util;1", + "nsINetUtil"); + +XPCOMUtils.defineLazyGetter(this, "log", () => { + let logger = LoginHelper.createLogger("LoginManagerContent"); + return logger.log.bind(logger); +}); + +// These mirror signon.* prefs. +var gEnabled, gAutofillForms, gStoreWhenAutocompleteOff; +var gLastContextMenuEventTimeStamp = Number.NEGATIVE_INFINITY; + +var observer = { + QueryInterface : XPCOMUtils.generateQI([Ci.nsIObserver, + Ci.nsIFormSubmitObserver, + Ci.nsIWebProgressListener, + Ci.nsIDOMEventListener, + Ci.nsISupportsWeakReference]), + + // nsIFormSubmitObserver + notify(formElement, aWindow, actionURI) { + log("observer notified for form submission."); + + // We're invoked before the content's |onsubmit| handlers, so we + // can grab form data before it might be modified (see bug 257781). + + try { + let formLike = LoginFormFactory.createFromForm(formElement); + LoginManagerContent._onFormSubmit(formLike); + } catch (e) { + log("Caught error in onFormSubmit(", e.lineNumber, "):", e.message); + Cu.reportError(e); + } + + return true; // Always return true, or form submit will be canceled. + }, + + onPrefChange() { + gEnabled = Services.prefs.getBoolPref("signon.rememberSignons"); + gAutofillForms = Services.prefs.getBoolPref("signon.autofillForms"); + gStoreWhenAutocompleteOff = Services.prefs.getBoolPref("signon.storeWhenAutocompleteOff"); + }, + + // nsIWebProgressListener + onLocationChange(aWebProgress, aRequest, aLocation, aFlags) { + // Only handle pushState/replaceState here. + if (!(aFlags & Ci.nsIWebProgressListener.LOCATION_CHANGE_SAME_DOCUMENT) || + !(aWebProgress.loadType & Ci.nsIDocShell.LOAD_CMD_PUSHSTATE)) { + return; + } + + log("onLocationChange handled:", aLocation.spec, aWebProgress.DOMWindow.document); + + LoginManagerContent._onNavigation(aWebProgress.DOMWindow.document); + }, + + onStateChange(aWebProgress, aRequest, aState, aStatus) { + if (!(aState & Ci.nsIWebProgressListener.STATE_START)) { + return; + } + + // We only care about when a page triggered a load, not the user. For example: + // clicking refresh/back/forward, typing a URL and hitting enter, and loading a bookmark aren't + // likely to be when a user wants to save a login. + let channel = aRequest.QueryInterface(Ci.nsIChannel); + let triggeringPrincipal = channel.loadInfo.triggeringPrincipal; + if (triggeringPrincipal.isNullPrincipal || + triggeringPrincipal.equals(Services.scriptSecurityManager.getSystemPrincipal())) { + return; + } + + // Don't handle history navigation, reload, or pushState not triggered via chrome UI. + // e.g. history.go(-1), location.reload(), history.replaceState() + if (!(aWebProgress.loadType & Ci.nsIDocShell.LOAD_CMD_NORMAL)) { + log("onStateChange: loadType isn't LOAD_CMD_NORMAL:", aWebProgress.loadType); + return; + } + + log("onStateChange handled:", channel); + LoginManagerContent._onNavigation(aWebProgress.DOMWindow.document); + }, + + handleEvent(aEvent) { + if (!aEvent.isTrusted) { + return; + } + + if (!gEnabled) { + return; + } + + switch (aEvent.type) { + // Only used for username fields. + case "focus": { + LoginManagerContent._onUsernameFocus(aEvent); + break; + } + + case "contextmenu": { + gLastContextMenuEventTimeStamp = Date.now(); + break; + } + + default: { + throw new Error("Unexpected event"); + } + } + }, +}; + +Services.obs.addObserver(observer, "earlyformsubmit", false); +var prefBranch = Services.prefs.getBranch("signon."); +prefBranch.addObserver("", observer.onPrefChange, false); + +observer.onPrefChange(); // read initial values + + +function messageManagerFromWindow(win) { + return win.QueryInterface(Ci.nsIInterfaceRequestor) + .getInterface(Ci.nsIWebNavigation) + .QueryInterface(Ci.nsIDocShell) + .QueryInterface(Ci.nsIInterfaceRequestor) + .getInterface(Ci.nsIContentFrameMessageManager); +} + +// This object maps to the "child" process (even in the single-process case). +var LoginManagerContent = { + + __formFillService : null, // FormFillController, for username autocompleting + get _formFillService() { + if (!this.__formFillService) + this.__formFillService = + Cc["@mozilla.org/satchel/form-fill-controller;1"]. + getService(Ci.nsIFormFillController); + return this.__formFillService; + }, + + _getRandomId() { + return Cc["@mozilla.org/uuid-generator;1"] + .getService(Ci.nsIUUIDGenerator).generateUUID().toString(); + }, + + _messages: [ "RemoteLogins:loginsFound", + "RemoteLogins:loginsAutoCompleted" ], + + /** + * WeakMap of the root element of a FormLike to the FormLike representing its fields. + * + * This is used to be able to lookup an existing FormLike for a given root element since multiple + * calls to LoginFormFactory won't give the exact same object. When batching fills we don't always + * want to use the most recent list of elements for a FormLike since we may end up doing multiple + * fills for the same set of elements when a field gets added between arming and running the + * DeferredTask. + * + * @type {WeakMap} + */ + _formLikeByRootElement: new WeakMap(), + + /** + * WeakMap of the root element of a WeakMap to the DeferredTask to fill its fields. + * + * This is used to be able to throttle fills for a FormLike since onDOMInputPasswordAdded gets + * dispatched for each password field added to a document but we only want to fill once per + * FormLike when multiple fields are added at once. + * + * @type {WeakMap} + */ + _deferredPasswordAddedTasksByRootElement: new WeakMap(), + + // Map from form login requests to information about that request. + _requests: new Map(), + + // Number of outstanding requests to each manager. + _managers: new Map(), + + _takeRequest(msg) { + let data = msg.data; + let request = this._requests.get(data.requestId); + + this._requests.delete(data.requestId); + + let count = this._managers.get(msg.target); + if (--count === 0) { + this._managers.delete(msg.target); + + for (let message of this._messages) + msg.target.removeMessageListener(message, this); + } else { + this._managers.set(msg.target, count); + } + + return request; + }, + + _sendRequest(messageManager, requestData, + name, messageData) { + let count; + if (!(count = this._managers.get(messageManager))) { + this._managers.set(messageManager, 1); + + for (let message of this._messages) + messageManager.addMessageListener(message, this); + } else { + this._managers.set(messageManager, ++count); + } + + let requestId = this._getRandomId(); + messageData.requestId = requestId; + + messageManager.sendAsyncMessage(name, messageData); + + let deferred = Promise.defer(); + requestData.promise = deferred; + this._requests.set(requestId, requestData); + return deferred.promise; + }, + + receiveMessage(msg, window) { + if (msg.name == "RemoteLogins:fillForm") { + this.fillForm({ + topDocument: window.document, + loginFormOrigin: msg.data.loginFormOrigin, + loginsFound: LoginHelper.vanillaObjectsToLogins(msg.data.logins), + recipes: msg.data.recipes, + inputElement: msg.objects.inputElement, + }); + return; + } + + let request = this._takeRequest(msg); + switch (msg.name) { + case "RemoteLogins:loginsFound": { + let loginsFound = LoginHelper.vanillaObjectsToLogins(msg.data.logins); + request.promise.resolve({ + form: request.form, + loginsFound: loginsFound, + recipes: msg.data.recipes, + }); + break; + } + + case "RemoteLogins:loginsAutoCompleted": { + let loginsFound = + LoginHelper.vanillaObjectsToLogins(msg.data.logins); + // If we're in the parent process, don't pass a message manager so our + // autocomplete result objects know they can remove the login from the + // login manager directly. + let messageManager = + (Services.appinfo.processType === Services.appinfo.PROCESS_TYPE_CONTENT) ? + msg.target : undefined; + request.promise.resolve({ logins: loginsFound, messageManager }); + break; + } + } + }, + + /** + * Get relevant logins and recipes from the parent + * + * @param {HTMLFormElement} form - form to get login data for + * @param {Object} options + * @param {boolean} options.showMasterPassword - whether to show a master password prompt + */ + _getLoginDataFromParent(form, options) { + let doc = form.ownerDocument; + let win = doc.defaultView; + + let formOrigin = LoginUtils._getPasswordOrigin(doc.documentURI); + if (!formOrigin) { + return Promise.reject("_getLoginDataFromParent: A form origin is required"); + } + let actionOrigin = LoginUtils._getActionOrigin(form); + + let messageManager = messageManagerFromWindow(win); + + // XXX Weak?? + let requestData = { form: form }; + let messageData = { formOrigin: formOrigin, + actionOrigin: actionOrigin, + options: options }; + + return this._sendRequest(messageManager, requestData, + "RemoteLogins:findLogins", + messageData); + }, + + _autoCompleteSearchAsync(aSearchString, aPreviousResult, + aElement, aRect) { + let doc = aElement.ownerDocument; + let form = LoginFormFactory.createFromField(aElement); + let win = doc.defaultView; + + let formOrigin = LoginUtils._getPasswordOrigin(doc.documentURI); + let actionOrigin = LoginUtils._getActionOrigin(form); + + let messageManager = messageManagerFromWindow(win); + + let remote = (Services.appinfo.processType === + Services.appinfo.PROCESS_TYPE_CONTENT); + + let previousResult = aPreviousResult ? + { searchString: aPreviousResult.searchString, + logins: LoginHelper.loginsToVanillaObjects(aPreviousResult.logins) } : + null; + + let requestData = {}; + let messageData = { formOrigin: formOrigin, + actionOrigin: actionOrigin, + searchString: aSearchString, + previousResult: previousResult, + rect: aRect, + isSecure: InsecurePasswordUtils.isFormSecure(form), + isPasswordField: aElement.type == "password", + remote: remote }; + + return this._sendRequest(messageManager, requestData, + "RemoteLogins:autoCompleteLogins", + messageData); + }, + + setupProgressListener(window) { + if (!LoginHelper.formlessCaptureEnabled) { + return; + } + + try { + let webProgress = window.QueryInterface(Ci.nsIInterfaceRequestor). + getInterface(Ci.nsIWebNavigation). + QueryInterface(Ci.nsIDocShell). + QueryInterface(Ci.nsIInterfaceRequestor). + getInterface(Ci.nsIWebProgress); + webProgress.addProgressListener(observer, + Ci.nsIWebProgress.NOTIFY_STATE_DOCUMENT | + Ci.nsIWebProgress.NOTIFY_LOCATION); + } catch (ex) { + // Ignore NS_ERROR_FAILURE if the progress listener was already added + } + }, + + onDOMFormHasPassword(event, window) { + if (!event.isTrusted) { + return; + } + + let form = event.target; + let formLike = LoginFormFactory.createFromForm(form); + log("onDOMFormHasPassword:", form, formLike); + this._fetchLoginsFromParentAndFillForm(formLike, window); + }, + + onDOMInputPasswordAdded(event, window) { + if (!event.isTrusted) { + return; + } + + let pwField = event.target; + if (pwField.form) { + // Fill is handled by onDOMFormHasPassword which is already throttled. + return; + } + + // Only setup the listener for formless inputs. + // Capture within a <form> but without a submit event is bug 1287202. + this.setupProgressListener(window); + + let formLike = LoginFormFactory.createFromField(pwField); + log("onDOMInputPasswordAdded:", pwField, formLike); + + let deferredTask = this._deferredPasswordAddedTasksByRootElement.get(formLike.rootElement); + if (!deferredTask) { + log("Creating a DeferredTask to call _fetchLoginsFromParentAndFillForm soon"); + this._formLikeByRootElement.set(formLike.rootElement, formLike); + + deferredTask = new DeferredTask(function* deferredInputProcessing() { + // Get the updated formLike instead of the one at the time of creating the DeferredTask via + // a closure since it could be stale since FormLike.elements isn't live. + let formLike2 = this._formLikeByRootElement.get(formLike.rootElement); + log("Running deferred processing of onDOMInputPasswordAdded", formLike2); + this._deferredPasswordAddedTasksByRootElement.delete(formLike2.rootElement); + this._fetchLoginsFromParentAndFillForm(formLike2, window); + }.bind(this), PASSWORD_INPUT_ADDED_COALESCING_THRESHOLD_MS); + + this._deferredPasswordAddedTasksByRootElement.set(formLike.rootElement, deferredTask); + } + + if (deferredTask.isArmed) { + log("DeferredTask is already armed so just updating the FormLike"); + // We update the FormLike so it (most important .elements) is fresh when the task eventually + // runs since changes to the elements could affect our field heuristics. + this._formLikeByRootElement.set(formLike.rootElement, formLike); + } else if (window.document.readyState == "complete") { + log("Arming the DeferredTask we just created since document.readyState == 'complete'"); + deferredTask.arm(); + } else { + window.addEventListener("DOMContentLoaded", function armPasswordAddedTask() { + window.removeEventListener("DOMContentLoaded", armPasswordAddedTask); + log("Arming the onDOMInputPasswordAdded DeferredTask due to DOMContentLoaded"); + deferredTask.arm(); + }); + } + }, + + /** + * Fetch logins from the parent for a given form and then attempt to fill it. + * + * @param {FormLike} form to fetch the logins for then try autofill. + * @param {Window} window + */ + _fetchLoginsFromParentAndFillForm(form, window) { + this._detectInsecureFormLikes(window); + + let messageManager = messageManagerFromWindow(window); + messageManager.sendAsyncMessage("LoginStats:LoginEncountered"); + + if (!gEnabled) { + return; + } + + this._getLoginDataFromParent(form, { showMasterPassword: true }) + .then(this.loginsFound.bind(this)) + .then(null, Cu.reportError); + }, + + onPageShow(event, window) { + this._detectInsecureFormLikes(window); + }, + + /** + * Maps all DOM content documents in this content process, including those in + * frames, to the current state used by the Login Manager. + */ + loginFormStateByDocument: new WeakMap(), + + /** + * Retrieves a reference to the state object associated with the given + * document. This is initialized to an object with default values. + */ + stateForDocument(document) { + let loginFormState = this.loginFormStateByDocument.get(document); + if (!loginFormState) { + loginFormState = { + /** + * Keeps track of filled fields and values. + */ + fillsByRootElement: new WeakMap(), + loginFormRootElements: new Set(), + }; + this.loginFormStateByDocument.set(document, loginFormState); + } + return loginFormState; + }, + + /** + * Compute whether there is an insecure login form on any frame of the current page, and + * notify the parent process. This is used to control whether insecure password UI appears. + */ + _detectInsecureFormLikes(topWindow) { + log("_detectInsecureFormLikes", topWindow.location.href); + + // Returns true if this window or any subframes have insecure login forms. + let hasInsecureLoginForms = (thisWindow) => { + let doc = thisWindow.document; + let hasLoginForm = this.stateForDocument(doc).loginFormRootElements.size > 0; + // Ignores window.opener, because it's not relevant for indicating + // form security. See InsecurePasswordUtils docs for details. + return (hasLoginForm && !thisWindow.isSecureContextIfOpenerIgnored) || + Array.some(thisWindow.frames, + frame => hasInsecureLoginForms(frame)); + }; + + let messageManager = messageManagerFromWindow(topWindow); + messageManager.sendAsyncMessage("RemoteLogins:insecureLoginFormPresent", { + hasInsecureLoginForms: hasInsecureLoginForms(topWindow), + }); + }, + + /** + * Perform a password fill upon user request coming from the parent process. + * The fill will be in the form previously identified during page navigation. + * + * @param An object with the following properties: + * { + * topDocument: + * DOM document currently associated to the the top-level window + * for which the fill is requested. This may be different from the + * document that originally caused the login UI to be displayed. + * loginFormOrigin: + * String with the origin for which the login UI was displayed. + * This must match the origin of the form used for the fill. + * loginsFound: + * Array containing the login to fill. While other messages may + * have more logins, for this use case this is expected to have + * exactly one element. The origin of the login may be different + * from the origin of the form used for the fill. + * recipes: + * Fill recipes transmitted together with the original message. + * inputElement: + * Username or password input element from the form we want to fill. + * } + */ + fillForm({ topDocument, loginFormOrigin, loginsFound, recipes, inputElement }) { + if (!inputElement) { + log("fillForm: No input element specified"); + return; + } + if (LoginUtils._getPasswordOrigin(topDocument.documentURI) != loginFormOrigin) { + if (!inputElement || + LoginUtils._getPasswordOrigin(inputElement.ownerDocument.documentURI) != loginFormOrigin) { + log("fillForm: The requested origin doesn't match the one form the", + "document. This may mean we navigated to a document from a different", + "site before we had a chance to indicate this change in the user", + "interface."); + return; + } + } + + let clobberUsername = true; + let options = { + inputElement, + }; + + let form = LoginFormFactory.createFromField(inputElement); + if (inputElement.type == "password") { + clobberUsername = false; + } + this._fillForm(form, true, clobberUsername, true, true, loginsFound, recipes, options); + }, + + loginsFound({ form, loginsFound, recipes }) { + let doc = form.ownerDocument; + let autofillForm = gAutofillForms && !PrivateBrowsingUtils.isContentWindowPrivate(doc.defaultView); + + this._fillForm(form, autofillForm, false, false, false, loginsFound, recipes); + }, + + /** + * Focus event handler for username fields to decide whether to show autocomplete. + * @param {FocusEvent} event + */ + _onUsernameFocus(event) { + let focusedField = event.target; + if (!focusedField.mozIsTextField(true) || focusedField.readOnly) { + return; + } + + if (this._isLoginAlreadyFilled(focusedField)) { + log("_onUsernameFocus: Already filled"); + return; + } + + /* + * A `focus` event is fired before a `contextmenu` event if a user right-clicks into an + * unfocused field. In that case we don't want to show both autocomplete and a context menu + * overlapping so we spin the event loop to see if a `contextmenu` event is coming next. If no + * `contextmenu` event was seen and the focused field is still focused by the form fill + * controller then show the autocomplete popup. + */ + let timestamp = Date.now(); + setTimeout(function maybeOpenAutocompleteAfterFocus() { + // Even though the `focus` event happens first, its .timeStamp is greater in + // testing and I don't want to rely on that so the absolute value is used. + let timeDiff = Math.abs(gLastContextMenuEventTimeStamp - timestamp); + if (timeDiff < AUTOCOMPLETE_AFTER_CONTEXTMENU_THRESHOLD_MS) { + log("Not opening autocomplete after focus since a context menu was opened within", + timeDiff, "ms"); + return; + } + + if (this._formFillService.focusedInput == focusedField) { + log("maybeOpenAutocompleteAfterFocus: Opening the autocomplete popup. Time diff:", timeDiff); + this._formFillService.showPopup(); + } else { + log("maybeOpenAutocompleteAfterFocus: FormFillController has a different focused input"); + } + }.bind(this), 0); + }, + + /** + * Listens for DOMAutoComplete and blur events on an input field. + */ + onUsernameInput(event) { + if (!event.isTrusted) + return; + + if (!gEnabled) + return; + + var acInputField = event.target; + + // This is probably a bit over-conservatative. + if (!(acInputField.ownerDocument instanceof Ci.nsIDOMHTMLDocument)) + return; + + if (!LoginHelper.isUsernameFieldType(acInputField)) + return; + + var acForm = LoginFormFactory.createFromField(acInputField); + if (!acForm) + return; + + // If the username is blank, bail out now -- we don't want + // fillForm() to try filling in a login without a username + // to filter on (bug 471906). + if (!acInputField.value) + return; + + log("onUsernameInput from", event.type); + + let doc = acForm.ownerDocument; + let messageManager = messageManagerFromWindow(doc.defaultView); + let recipes = messageManager.sendSyncMessage("RemoteLogins:findRecipes", { + formOrigin: LoginUtils._getPasswordOrigin(doc.documentURI), + })[0]; + + // Make sure the username field fillForm will use is the + // same field as the autocomplete was activated on. + var [usernameField, passwordField, ignored] = + this._getFormFields(acForm, false, recipes); + if (usernameField == acInputField && passwordField) { + this._getLoginDataFromParent(acForm, { showMasterPassword: false }) + .then(({ form, loginsFound, recipes }) => { + this._fillForm(form, true, false, true, true, loginsFound, recipes); + }) + .then(null, Cu.reportError); + } else { + // Ignore the event, it's for some input we don't care about. + } + }, + + /** + * @param {FormLike} form - the FormLike to look for password fields in. + * @param {bool} [skipEmptyFields=false] - Whether to ignore password fields with no value. + * Used at capture time since saving empty values isn't + * useful. + * @return {Array|null} Array of password field elements for the specified form. + * If no pw fields are found, or if more than 3 are found, then null + * is returned. + */ + _getPasswordFields(form, skipEmptyFields = false) { + // Locate the password fields in the form. + let pwFields = []; + for (let i = 0; i < form.elements.length; i++) { + let element = form.elements[i]; + if (!(element instanceof Ci.nsIDOMHTMLInputElement) || + element.type != "password") { + continue; + } + + if (skipEmptyFields && !element.value.trim()) { + continue; + } + + pwFields[pwFields.length] = { + index : i, + element : element + }; + } + + // If too few or too many fields, bail out. + if (pwFields.length == 0) { + log("(form ignored -- no password fields.)"); + return null; + } else if (pwFields.length > 3) { + log("(form ignored -- too many password fields. [ got ", pwFields.length, "])"); + return null; + } + + return pwFields; + }, + + /** + * Returns the username and password fields found in the form. + * Can handle complex forms by trying to figure out what the + * relevant fields are. + * + * @param {FormLike} form + * @param {bool} isSubmission + * @param {Set} recipes + * @return {Array} [usernameField, newPasswordField, oldPasswordField] + * + * usernameField may be null. + * newPasswordField will always be non-null. + * oldPasswordField may be null. If null, newPasswordField is just + * "theLoginField". If not null, the form is apparently a + * change-password field, with oldPasswordField containing the password + * that is being changed. + * + * Note that even though we can create a FormLike from a text field, + * this method will only return a non-null usernameField if the + * FormLike has a password field. + */ + _getFormFields(form, isSubmission, recipes) { + var usernameField = null; + var pwFields = null; + var fieldOverrideRecipe = LoginRecipesContent.getFieldOverrides(recipes, form); + if (fieldOverrideRecipe) { + var pwOverrideField = LoginRecipesContent.queryLoginField( + form, + fieldOverrideRecipe.passwordSelector + ); + if (pwOverrideField) { + // The field from the password override may be in a different FormLike. + let formLike = LoginFormFactory.createFromField(pwOverrideField); + pwFields = [{ + index : [...formLike.elements].indexOf(pwOverrideField), + element : pwOverrideField, + }]; + } + + var usernameOverrideField = LoginRecipesContent.queryLoginField( + form, + fieldOverrideRecipe.usernameSelector + ); + if (usernameOverrideField) { + usernameField = usernameOverrideField; + } + } + + if (!pwFields) { + // Locate the password field(s) in the form. Up to 3 supported. + // If there's no password field, there's nothing for us to do. + pwFields = this._getPasswordFields(form, isSubmission); + } + + if (!pwFields) { + return [null, null, null]; + } + + if (!usernameField) { + // Locate the username field in the form by searching backwards + // from the first password field, assume the first text field is the + // username. We might not find a username field if the user is + // already logged in to the site. + for (var i = pwFields[0].index - 1; i >= 0; i--) { + var element = form.elements[i]; + if (!LoginHelper.isUsernameFieldType(element)) { + continue; + } + + if (fieldOverrideRecipe && fieldOverrideRecipe.notUsernameSelector && + element.matches(fieldOverrideRecipe.notUsernameSelector)) { + continue; + } + + usernameField = element; + break; + } + } + + if (!usernameField) + log("(form -- no username field found)"); + else + log("Username field ", usernameField, "has name/value:", + usernameField.name, "/", usernameField.value); + + // If we're not submitting a form (it's a page load), there are no + // password field values for us to use for identifying fields. So, + // just assume the first password field is the one to be filled in. + if (!isSubmission || pwFields.length == 1) { + var passwordField = pwFields[0].element; + log("Password field", passwordField, "has name: ", passwordField.name); + return [usernameField, passwordField, null]; + } + + + // Try to figure out WTF is in the form based on the password values. + var oldPasswordField, newPasswordField; + var pw1 = pwFields[0].element.value; + var pw2 = pwFields[1].element.value; + var pw3 = (pwFields[2] ? pwFields[2].element.value : null); + + if (pwFields.length == 3) { + // Look for two identical passwords, that's the new password + + if (pw1 == pw2 && pw2 == pw3) { + // All 3 passwords the same? Weird! Treat as if 1 pw field. + newPasswordField = pwFields[0].element; + oldPasswordField = null; + } else if (pw1 == pw2) { + newPasswordField = pwFields[0].element; + oldPasswordField = pwFields[2].element; + } else if (pw2 == pw3) { + oldPasswordField = pwFields[0].element; + newPasswordField = pwFields[2].element; + } else if (pw1 == pw3) { + // A bit odd, but could make sense with the right page layout. + newPasswordField = pwFields[0].element; + oldPasswordField = pwFields[1].element; + } else { + // We can't tell which of the 3 passwords should be saved. + log("(form ignored -- all 3 pw fields differ)"); + return [null, null, null]; + } + } else if (pw1 == pw2) { + // pwFields.length == 2 + // Treat as if 1 pw field + newPasswordField = pwFields[0].element; + oldPasswordField = null; + } else { + // Just assume that the 2nd password is the new password + oldPasswordField = pwFields[0].element; + newPasswordField = pwFields[1].element; + } + + log("Password field (new) id/name is: ", newPasswordField.id, " / ", newPasswordField.name); + if (oldPasswordField) { + log("Password field (old) id/name is: ", oldPasswordField.id, " / ", oldPasswordField.name); + } else { + log("Password field (old):", oldPasswordField); + } + return [usernameField, newPasswordField, oldPasswordField]; + }, + + + /** + * @return true if the page requests autocomplete be disabled for the + * specified element. + */ + _isAutocompleteDisabled(element) { + return element && element.autocomplete == "off"; + }, + + /** + * Trigger capture on any relevant FormLikes due to a navigation alone (not + * necessarily due to an actual form submission). This method is used to + * capture logins for cases where form submit events are not used. + * + * To avoid multiple notifications for the same FormLike, this currently + * avoids capturing when dealing with a real <form> which are ideally already + * using a submit event. + * + * @param {Document} document being navigated + */ + _onNavigation(aDocument) { + let state = this.stateForDocument(aDocument); + let loginFormRootElements = state.loginFormRootElements; + log("_onNavigation: state:", state, "loginFormRootElements size:", loginFormRootElements.size, + "document:", aDocument); + + for (let formRoot of state.loginFormRootElements) { + if (formRoot instanceof Ci.nsIDOMHTMLFormElement) { + // For now only perform capture upon navigation for FormLike's without + // a <form> to avoid capture from both an earlyformsubmit and + // navigation for the same "form". + log("Ignoring navigation for the form root to avoid multiple prompts " + + "since it was for a real <form>"); + continue; + } + let formLike = this._formLikeByRootElement.get(formRoot); + this._onFormSubmit(formLike); + } + }, + + /** + * Called by our observer when notified of a form submission. + * [Note that this happens before any DOM onsubmit handlers are invoked.] + * Looks for a password change in the submitted form, so we can update + * our stored password. + * + * @param {FormLike} form + */ + _onFormSubmit(form) { + log("_onFormSubmit", form); + var doc = form.ownerDocument; + var win = doc.defaultView; + + if (PrivateBrowsingUtils.isContentWindowPrivate(win)) { + // We won't do anything in private browsing mode anyway, + // so there's no need to perform further checks. + log("(form submission ignored in private browsing mode)"); + return; + } + + // If password saving is disabled (globally or for host), bail out now. + if (!gEnabled) + return; + + var hostname = LoginUtils._getPasswordOrigin(doc.documentURI); + if (!hostname) { + log("(form submission ignored -- invalid hostname)"); + return; + } + + let formSubmitURL = LoginUtils._getActionOrigin(form); + let messageManager = messageManagerFromWindow(win); + + let recipes = messageManager.sendSyncMessage("RemoteLogins:findRecipes", { + formOrigin: hostname, + })[0]; + + // Get the appropriate fields from the form. + var [usernameField, newPasswordField, oldPasswordField] = + this._getFormFields(form, true, recipes); + + // Need at least 1 valid password field to do anything. + if (newPasswordField == null) + return; + + // Check for autocomplete=off attribute. We don't use it to prevent + // autofilling (for existing logins), but won't save logins when it's + // present and the storeWhenAutocompleteOff pref is false. + // XXX spin out a bug that we don't update timeLastUsed in this case? + if ((this._isAutocompleteDisabled(form) || + this._isAutocompleteDisabled(usernameField) || + this._isAutocompleteDisabled(newPasswordField) || + this._isAutocompleteDisabled(oldPasswordField)) && + !gStoreWhenAutocompleteOff) { + log("(form submission ignored -- autocomplete=off found)"); + return; + } + + // Don't try to send DOM nodes over IPC. + let mockUsername = usernameField ? + { name: usernameField.name, + value: usernameField.value } : + null; + let mockPassword = { name: newPasswordField.name, + value: newPasswordField.value }; + let mockOldPassword = oldPasswordField ? + { name: oldPasswordField.name, + value: oldPasswordField.value } : + null; + + // Make sure to pass the opener's top in case it was in a frame. + let openerTopWindow = win.opener ? win.opener.top : null; + + messageManager.sendAsyncMessage("RemoteLogins:onFormSubmit", + { hostname: hostname, + formSubmitURL: formSubmitURL, + usernameField: mockUsername, + newPasswordField: mockPassword, + oldPasswordField: mockOldPassword }, + { openerTopWindow }); + }, + + /** + * Attempt to find the username and password fields in a form, and fill them + * in using the provided logins and recipes. + * + * @param {LoginForm} form + * @param {bool} autofillForm denotes if we should fill the form in automatically + * @param {bool} clobberUsername controls if an existing username can be overwritten. + * If this is false and an inputElement of type password + * is also passed, the username field will be ignored. + * If this is false and no inputElement is passed, if the username + * field value is not found in foundLogins, it will not fill the password. + * @param {bool} clobberPassword controls if an existing password value can be + * overwritten + * @param {bool} userTriggered is an indication of whether this filling was triggered by + * the user + * @param {nsILoginInfo[]} foundLogins is an array of nsILoginInfo that could be used for the form + * @param {Set} recipes that could be used to affect how the form is filled + * @param {Object} [options = {}] is a list of options for this method. + - [inputElement] is an optional target input element we want to fill + */ + _fillForm(form, autofillForm, clobberUsername, clobberPassword, + userTriggered, foundLogins, recipes, {inputElement} = {}) { + if (form instanceof Ci.nsIDOMHTMLFormElement) { + throw new Error("_fillForm should only be called with FormLike objects"); + } + + log("_fillForm", form.elements); + let ignoreAutocomplete = true; + // Will be set to one of AUTOFILL_RESULT in the `try` block. + let autofillResult = -1; + const AUTOFILL_RESULT = { + FILLED: 0, + NO_PASSWORD_FIELD: 1, + PASSWORD_DISABLED_READONLY: 2, + NO_LOGINS_FIT: 3, + NO_SAVED_LOGINS: 4, + EXISTING_PASSWORD: 5, + EXISTING_USERNAME: 6, + MULTIPLE_LOGINS: 7, + NO_AUTOFILL_FORMS: 8, + AUTOCOMPLETE_OFF: 9, + INSECURE: 10, + }; + + try { + // Nothing to do if we have no matching logins available, + // and there isn't a need to show the insecure form warning. + if (foundLogins.length == 0 && + (InsecurePasswordUtils.isFormSecure(form) || + !LoginHelper.showInsecureFieldWarning)) { + // We don't log() here since this is a very common case. + autofillResult = AUTOFILL_RESULT.NO_SAVED_LOGINS; + return; + } + + // Heuristically determine what the user/pass fields are + // We do this before checking to see if logins are stored, + // so that the user isn't prompted for a master password + // without need. + var [usernameField, passwordField, ignored] = + this._getFormFields(form, false, recipes); + + // If we have a password inputElement parameter and it's not + // the same as the one heuristically found, use the parameter + // one instead. + if (inputElement) { + if (inputElement.type == "password") { + passwordField = inputElement; + if (!clobberUsername) { + usernameField = null; + } + } else if (LoginHelper.isUsernameFieldType(inputElement)) { + usernameField = inputElement; + } else { + throw new Error("Unexpected input element type."); + } + } + + // Need a valid password field to do anything. + if (passwordField == null) { + log("not filling form, no password field found"); + autofillResult = AUTOFILL_RESULT.NO_PASSWORD_FIELD; + return; + } + + // If the password field is disabled or read-only, there's nothing to do. + if (passwordField.disabled || passwordField.readOnly) { + log("not filling form, password field disabled or read-only"); + autofillResult = AUTOFILL_RESULT.PASSWORD_DISABLED_READONLY; + return; + } + + // Attach autocomplete stuff to the username field, if we have + // one. This is normally used to select from multiple accounts, + // but even with one account we should refill if the user edits. + // We would also need this attached to show the insecure login + // warning, regardless of saved login. + if (usernameField) { + this._formFillService.markAsLoginManagerField(usernameField); + } + + // Nothing to do if we have no matching logins available. + // Only insecure pages reach this block and logs the same + // telemetry flag. + if (foundLogins.length == 0) { + // We don't log() here since this is a very common case. + autofillResult = AUTOFILL_RESULT.NO_SAVED_LOGINS; + return; + } + + // Prevent autofilling insecure forms. + if (!userTriggered && !LoginHelper.insecureAutofill && + !InsecurePasswordUtils.isFormSecure(form)) { + log("not filling form since it's insecure"); + autofillResult = AUTOFILL_RESULT.INSECURE; + return; + } + + var isAutocompleteOff = false; + if (this._isAutocompleteDisabled(form) || + this._isAutocompleteDisabled(usernameField) || + this._isAutocompleteDisabled(passwordField)) { + isAutocompleteOff = true; + } + + // Discard logins which have username/password values that don't + // fit into the fields (as specified by the maxlength attribute). + // The user couldn't enter these values anyway, and it helps + // with sites that have an extra PIN to be entered (bug 391514) + var maxUsernameLen = Number.MAX_VALUE; + var maxPasswordLen = Number.MAX_VALUE; + + // If attribute wasn't set, default is -1. + if (usernameField && usernameField.maxLength >= 0) + maxUsernameLen = usernameField.maxLength; + if (passwordField.maxLength >= 0) + maxPasswordLen = passwordField.maxLength; + + var logins = foundLogins.filter(function (l) { + var fit = (l.username.length <= maxUsernameLen && + l.password.length <= maxPasswordLen); + if (!fit) + log("Ignored", l.username, "login: won't fit"); + + return fit; + }, this); + + if (logins.length == 0) { + log("form not filled, none of the logins fit in the field"); + autofillResult = AUTOFILL_RESULT.NO_LOGINS_FIT; + return; + } + + // Don't clobber an existing password. + if (passwordField.value && !clobberPassword) { + log("form not filled, the password field was already filled"); + autofillResult = AUTOFILL_RESULT.EXISTING_PASSWORD; + return; + } + + // Select a login to use for filling in the form. + var selectedLogin; + if (!clobberUsername && usernameField && (usernameField.value || + usernameField.disabled || + usernameField.readOnly)) { + // If username was specified in the field, it's disabled or it's readOnly, only fill in the + // password if we find a matching login. + var username = usernameField.value.toLowerCase(); + + let matchingLogins = logins.filter(l => + l.username.toLowerCase() == username); + if (matchingLogins.length == 0) { + log("Password not filled. None of the stored logins match the username already present."); + autofillResult = AUTOFILL_RESULT.EXISTING_USERNAME; + return; + } + + // If there are multiple, and one matches case, use it + for (let l of matchingLogins) { + if (l.username == usernameField.value) { + selectedLogin = l; + } + } + // Otherwise just use the first + if (!selectedLogin) { + selectedLogin = matchingLogins[0]; + } + } else if (logins.length == 1) { + selectedLogin = logins[0]; + } else { + // We have multiple logins. Handle a special case here, for sites + // which have a normal user+pass login *and* a password-only login + // (eg, a PIN). Prefer the login that matches the type of the form + // (user+pass or pass-only) when there's exactly one that matches. + let matchingLogins; + if (usernameField) + matchingLogins = logins.filter(l => l.username); + else + matchingLogins = logins.filter(l => !l.username); + + if (matchingLogins.length != 1) { + log("Multiple logins for form, so not filling any."); + autofillResult = AUTOFILL_RESULT.MULTIPLE_LOGINS; + return; + } + + selectedLogin = matchingLogins[0]; + } + + // We will always have a selectedLogin at this point. + + if (!autofillForm) { + log("autofillForms=false but form can be filled"); + autofillResult = AUTOFILL_RESULT.NO_AUTOFILL_FORMS; + return; + } + + if (isAutocompleteOff && !ignoreAutocomplete) { + log("Not filling the login because we're respecting autocomplete=off"); + autofillResult = AUTOFILL_RESULT.AUTOCOMPLETE_OFF; + return; + } + + // Fill the form + + if (usernameField) { + // Don't modify the username field if it's disabled or readOnly so we preserve its case. + let disabledOrReadOnly = usernameField.disabled || usernameField.readOnly; + + let userNameDiffers = selectedLogin.username != usernameField.value; + // Don't replace the username if it differs only in case, and the user triggered + // this autocomplete. We assume that if it was user-triggered the entered text + // is desired. + let userEnteredDifferentCase = userTriggered && userNameDiffers && + usernameField.value.toLowerCase() == selectedLogin.username.toLowerCase(); + + if (!disabledOrReadOnly && !userEnteredDifferentCase && userNameDiffers) { + usernameField.setUserInput(selectedLogin.username); + } + } + + let doc = form.ownerDocument; + if (passwordField.value != selectedLogin.password) { + passwordField.setUserInput(selectedLogin.password); + let autoFilledLogin = { + guid: selectedLogin.QueryInterface(Ci.nsILoginMetaInfo).guid, + username: selectedLogin.username, + usernameField: usernameField ? Cu.getWeakReference(usernameField) : null, + password: selectedLogin.password, + passwordField: Cu.getWeakReference(passwordField), + }; + log("Saving autoFilledLogin", autoFilledLogin.guid, "for", form.rootElement); + this.stateForDocument(doc).fillsByRootElement.set(form.rootElement, autoFilledLogin); + } + + log("_fillForm succeeded"); + autofillResult = AUTOFILL_RESULT.FILLED; + + let win = doc.defaultView; + let messageManager = messageManagerFromWindow(win); + messageManager.sendAsyncMessage("LoginStats:LoginFillSuccessful"); + } finally { + if (autofillResult == -1) { + // eslint-disable-next-line no-unsafe-finally + throw new Error("_fillForm: autofillResult must be specified"); + } + + if (!userTriggered) { + // Ignore fills as a result of user action for this probe. + Services.telemetry.getHistogramById("PWMGR_FORM_AUTOFILL_RESULT").add(autofillResult); + + if (usernameField) { + let focusedElement = this._formFillService.focusedInput; + if (usernameField == focusedElement && + autofillResult !== AUTOFILL_RESULT.FILLED) { + log("_fillForm: Opening username autocomplete popup since the form wasn't autofilled"); + this._formFillService.showPopup(); + } + } + } + + if (usernameField) { + log("_fillForm: Attaching event listeners to usernameField"); + usernameField.addEventListener("focus", observer); + usernameField.addEventListener("contextmenu", observer); + } + + Services.obs.notifyObservers(form.rootElement, "passwordmgr-processed-form", null); + } + }, + + /** + * Given a field, determine whether that field was last filled as a username + * field AND whether the username is still filled in with the username AND + * whether the associated password field has the matching password. + * + * @note This could possibly be unified with getFieldContext but they have + * slightly different use cases. getFieldContext looks up recipes whereas this + * method doesn't need to since it's only returning a boolean based upon the + * recipes used for the last fill (in _fillForm). + * + * @param {HTMLInputElement} aUsernameField element contained in a FormLike + * cached in _formLikeByRootElement. + * @returns {Boolean} whether the username and password fields still have the + * last-filled values, if previously filled. + */ + _isLoginAlreadyFilled(aUsernameField) { + let formLikeRoot = FormLikeFactory.findRootForField(aUsernameField); + // Look for the existing FormLike. + let existingFormLike = this._formLikeByRootElement.get(formLikeRoot); + if (!existingFormLike) { + throw new Error("_isLoginAlreadyFilled called with a username field with " + + "no rootElement FormLike"); + } + + log("_isLoginAlreadyFilled: existingFormLike", existingFormLike); + let filledLogin = this.stateForDocument(aUsernameField.ownerDocument).fillsByRootElement.get(formLikeRoot); + if (!filledLogin) { + return false; + } + + // Unpack the weak references. + let autoFilledUsernameField = filledLogin.usernameField ? filledLogin.usernameField.get() : null; + let autoFilledPasswordField = filledLogin.passwordField.get(); + + // Check username and password values match what was filled. + if (!autoFilledUsernameField || + autoFilledUsernameField != aUsernameField || + autoFilledUsernameField.value != filledLogin.username || + !autoFilledPasswordField || + autoFilledPasswordField.value != filledLogin.password) { + return false; + } + + return true; + }, + + /** + * Verify if a field is a valid login form field and + * returns some information about it's FormLike. + * + * @param {Element} aField + * A form field we want to verify. + * + * @returns {Object} an object with information about the + * FormLike username and password field + * or null if the passed field is invalid. + */ + getFieldContext(aField) { + // If the element is not a proper form field, return null. + if (!(aField instanceof Ci.nsIDOMHTMLInputElement) || + (aField.type != "password" && !LoginHelper.isUsernameFieldType(aField)) || + !aField.ownerDocument) { + return null; + } + let form = LoginFormFactory.createFromField(aField); + + let doc = aField.ownerDocument; + let messageManager = messageManagerFromWindow(doc.defaultView); + let recipes = messageManager.sendSyncMessage("RemoteLogins:findRecipes", { + formOrigin: LoginUtils._getPasswordOrigin(doc.documentURI), + })[0]; + + let [usernameField, newPasswordField] = + this._getFormFields(form, false, recipes); + + // If we are not verifying a password field, we want + // to use aField as the username field. + if (aField.type != "password") { + usernameField = aField; + } + + return { + usernameField: { + found: !!usernameField, + disabled: usernameField && (usernameField.disabled || usernameField.readOnly), + }, + passwordField: { + found: !!newPasswordField, + disabled: newPasswordField && (newPasswordField.disabled || newPasswordField.readOnly), + }, + }; + }, +}; + +var LoginUtils = { + /** + * Get the parts of the URL we want for identification. + * Strip out things like the userPass portion + */ + _getPasswordOrigin(uriString, allowJS) { + var realm = ""; + try { + var uri = Services.io.newURI(uriString, null, null); + + if (allowJS && uri.scheme == "javascript") + return "javascript:"; + + // Build this manually instead of using prePath to avoid including the userPass portion. + realm = uri.scheme + "://" + uri.hostPort; + } catch (e) { + // bug 159484 - disallow url types that don't support a hostPort. + // (although we handle "javascript:..." as a special case above.) + log("Couldn't parse origin for", uriString, e); + realm = null; + } + + return realm; + }, + + _getActionOrigin(form) { + var uriString = form.action; + + // A blank or missing action submits to where it came from. + if (uriString == "") + uriString = form.baseURI; // ala bug 297761 + + return this._getPasswordOrigin(uriString, true); + }, +}; + +// nsIAutoCompleteResult implementation +function UserAutoCompleteResult(aSearchString, matchingLogins, {isSecure, messageManager, isPasswordField}) { + function loginSort(a, b) { + var userA = a.username.toLowerCase(); + var userB = b.username.toLowerCase(); + + if (userA < userB) + return -1; + + if (userA > userB) + return 1; + + return 0; + } + + function findDuplicates(loginList) { + let seen = new Set(); + let duplicates = new Set(); + for (let login of loginList) { + if (seen.has(login.username)) { + duplicates.add(login.username); + } + seen.add(login.username); + } + return duplicates; + } + + this._showInsecureFieldWarning = (!isSecure && LoginHelper.showInsecureFieldWarning) ? 1 : 0; + this.searchString = aSearchString; + this.logins = matchingLogins.sort(loginSort); + this.matchCount = matchingLogins.length + this._showInsecureFieldWarning; + this._messageManager = messageManager; + this._stringBundle = Services.strings.createBundle("chrome://passwordmgr/locale/passwordmgr.properties"); + this._dateAndTimeFormatter = new Intl.DateTimeFormat(undefined, + { day: "numeric", month: "short", year: "numeric" }); + + this._isPasswordField = isPasswordField; + + this._duplicateUsernames = findDuplicates(matchingLogins); + + if (this.matchCount > 0) { + this.searchResult = Ci.nsIAutoCompleteResult.RESULT_SUCCESS; + this.defaultIndex = 0; + } +} + +UserAutoCompleteResult.prototype = { + QueryInterface : XPCOMUtils.generateQI([Ci.nsIAutoCompleteResult, + Ci.nsISupportsWeakReference]), + + // private + logins : null, + + // Allow autoCompleteSearch to get at the JS object so it can + // modify some readonly properties for internal use. + get wrappedJSObject() { + return this; + }, + + // Interfaces from idl... + searchString : null, + searchResult : Ci.nsIAutoCompleteResult.RESULT_NOMATCH, + defaultIndex : -1, + errorDescription : "", + matchCount : 0, + + getValueAt(index) { + if (index < 0 || index >= this.matchCount) { + throw new Error("Index out of range."); + } + + if (this._showInsecureFieldWarning && index === 0) { + return ""; + } + + let selectedLogin = this.logins[index - this._showInsecureFieldWarning]; + + return this._isPasswordField ? selectedLogin.password : selectedLogin.username; + }, + + getLabelAt(index) { + if (index < 0 || index >= this.matchCount) { + throw new Error("Index out of range."); + } + + if (this._showInsecureFieldWarning && index === 0) { + return this._stringBundle.GetStringFromName("insecureFieldWarningDescription") + " " + + this._stringBundle.GetStringFromName("insecureFieldWarningLearnMore"); + } + + let that = this; + + function getLocalizedString(key, formatArgs) { + if (formatArgs) { + return that._stringBundle.formatStringFromName(key, formatArgs, formatArgs.length); + } + return that._stringBundle.GetStringFromName(key); + } + + let login = this.logins[index - this._showInsecureFieldWarning]; + let username = login.username; + // If login is empty or duplicated we want to append a modification date to it. + if (!username || this._duplicateUsernames.has(username)) { + if (!username) { + username = getLocalizedString("noUsername"); + } + let meta = login.QueryInterface(Ci.nsILoginMetaInfo); + let time = this._dateAndTimeFormatter.format(new Date(meta.timePasswordChanged)); + username = getLocalizedString("loginHostAge", [username, time]); + } + + return username; + }, + + getCommentAt(index) { + return ""; + }, + + getStyleAt(index) { + if (index == 0 && this._showInsecureFieldWarning) { + return "insecureWarning"; + } + + return "login"; + }, + + getImageAt(index) { + return ""; + }, + + getFinalCompleteValueAt(index) { + return this.getValueAt(index); + }, + + removeValueAt(index, removeFromDB) { + if (index < 0 || index >= this.matchCount) { + throw new Error("Index out of range."); + } + + if (this._showInsecureFieldWarning && index === 0) { + // Ignore the warning message item. + return; + } + if (this._showInsecureFieldWarning) { + index--; + } + + var [removedLogin] = this.logins.splice(index, 1); + + this.matchCount--; + if (this.defaultIndex > this.logins.length) + this.defaultIndex--; + + if (removeFromDB) { + if (this._messageManager) { + let vanilla = LoginHelper.loginToVanillaObject(removedLogin); + this._messageManager.sendAsyncMessage("RemoteLogins:removeLogin", + { login: vanilla }); + } else { + Services.logins.removeLogin(removedLogin); + } + } + } +}; + +/** + * A factory to generate FormLike objects that represent a set of login fields + * which aren't necessarily marked up with a <form> element. + */ +var LoginFormFactory = { + /** + * Create a LoginForm object from a <form>. + * + * @param {HTMLFormElement} aForm + * @return {LoginForm} + * @throws Error if aForm isn't an HTMLFormElement + */ + createFromForm(aForm) { + let formLike = FormLikeFactory.createFromForm(aForm); + formLike.action = LoginUtils._getActionOrigin(aForm); + + let state = LoginManagerContent.stateForDocument(formLike.ownerDocument); + state.loginFormRootElements.add(formLike.rootElement); + log("adding", formLike.rootElement, "to loginFormRootElements for", formLike.ownerDocument); + + LoginManagerContent._formLikeByRootElement.set(formLike.rootElement, formLike); + return formLike; + }, + + /** + * Create a LoginForm object from a password or username field. + * + * If the field is in a <form>, construct the LoginForm from the form. + * Otherwise, create a LoginForm with a rootElement (wrapper) according to + * heuristics. Currently all <input> not in a <form> are one LoginForm but this + * shouldn't be relied upon as the heuristics may change to detect multiple + * "forms" (e.g. registration and login) on one page with a <form>. + * + * Note that two LoginForms created from the same field won't return the same LoginForm object. + * Use the `rootElement` property on the LoginForm as a key instead. + * + * @param {HTMLInputElement} aField - a password or username field in a document + * @return {LoginForm} + * @throws Error if aField isn't a password or username field in a document + */ + createFromField(aField) { + if (!(aField instanceof Ci.nsIDOMHTMLInputElement) || + (aField.type != "password" && !LoginHelper.isUsernameFieldType(aField)) || + !aField.ownerDocument) { + throw new Error("createFromField requires a password or username field in a document"); + } + + if (aField.form) { + return this.createFromForm(aField.form); + } + + let formLike = FormLikeFactory.createFromField(aField); + formLike.action = LoginUtils._getPasswordOrigin(aField.ownerDocument.baseURI); + log("Created non-form FormLike for rootElement:", aField.ownerDocument.documentElement); + + let state = LoginManagerContent.stateForDocument(formLike.ownerDocument); + state.loginFormRootElements.add(formLike.rootElement); + log("adding", formLike.rootElement, "to loginFormRootElements for", formLike.ownerDocument); + + + LoginManagerContent._formLikeByRootElement.set(formLike.rootElement, formLike); + + return formLike; + }, +}; |