// Copyright 2013 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include <string> #include <utility> #include "base/command_line.h" #include "base/containers/contains.h" #include "base/feature_list.h" #include "base/files/file_util.h" #include "base/functional/bind.h" #include "base/location.h" #include "base/memory/ptr_util.h" #include "base/memory/raw_ptr.h" #include "base/metrics/histogram_samples.h" #include "base/metrics/statistics_recorder.h" #include "base/path_service.h" #include "base/run_loop.h" #include "base/strings/stringprintf.h" #include "base/strings/utf_string_conversions.h" #include "base/test/metrics/histogram_tester.h" #include "base/test/run_until.h" #include "base/test/scoped_feature_list.h" #include "base/threading/thread_restrictions.h" #include "build/build_config.h" #include "build/buildflag.h" #include "build/chromeos_buildflags.h" #include "chrome/browser/password_manager/chrome_password_manager_client.h" #include "chrome/browser/password_manager/password_manager_test_base.h" #include "chrome/browser/password_manager/password_manager_uitest_util.h" #include "chrome/browser/password_manager/passwords_navigation_observer.h" #include "chrome/browser/password_manager/profile_password_store_factory.h" #include "chrome/browser/profiles/profile.h" #include "chrome/browser/ui/autofill/chrome_autofill_client.h" #include "chrome/browser/ui/browser.h" #include "chrome/browser/ui/browser_finder.h" #include "chrome/browser/ui/browser_navigator_params.h" #include "chrome/browser/ui/login/login_handler.h" #include "chrome/browser/ui/passwords/manage_passwords_ui_controller.h" #include "chrome/browser/ui/tabs/tab_enums.h" #include "chrome/browser/ui/tabs/tab_strip_model.h" #include "chrome/browser/ui/test/test_browser_dialog.h" #include "chrome/common/chrome_paths.h" #include "chrome/test/base/ui_test_utils.h" #include "components/autofill/content/browser/content_autofill_client.h" #include "components/autofill/content/browser/content_autofill_driver.h" #include "components/autofill/content/browser/content_autofill_driver_factory.h" #include "components/autofill/content/browser/test_autofill_client_injector.h" #include "components/autofill/content/common/mojom/autofill_driver.mojom-test-utils.h" #include "components/autofill/content/common/mojom/autofill_driver.mojom.h" #include "components/autofill/core/browser/autofill_test_utils.h" #include "components/autofill/core/browser/field_types.h" #include "components/autofill/core/browser/proto/api_v1.pb.h" #include "components/autofill/core/common/autofill_features.h" #include "components/autofill/core/common/autofill_switches.h" #include "components/autofill/core/common/form_field_data.h" #include "components/autofill/core/common/mojom/autofill_types.mojom-shared.h" #include "components/autofill/core/common/unique_ids.h" #include "components/input/native_web_keyboard_event.h" #include "components/password_manager/content/browser/content_password_manager_driver.h" #include "components/password_manager/content/browser/content_password_manager_driver_factory.h" #include "components/password_manager/core/browser/features/password_features.h" #include "components/password_manager/core/browser/form_parsing/password_field_prediction.h" #include "components/password_manager/core/browser/http_auth_manager.h" #include "components/password_manager/core/browser/http_auth_observer.h" #include "components/password_manager/core/browser/password_form.h" #include "components/password_manager/core/browser/password_form_manager.h" #include "components/password_manager/core/browser/password_manager_client.h" #include "components/password_manager/core/browser/password_manager_driver.h" #include "components/password_manager/core/browser/password_store/password_store_interface.h" #include "components/password_manager/core/browser/password_store/test_password_store.h" #include "components/password_manager/core/common/password_manager_features.h" #include "components/signin/public/base/signin_buildflags.h" #include "components/version_info/version_info.h" #include "content/public/browser/browser_task_traits.h" #include "content/public/browser/browser_thread.h" #include "content/public/browser/navigation_controller.h" #include "content/public/browser/navigation_handle.h" #include "content/public/browser/render_frame_host.h" #include "content/public/browser/render_process_host.h" #include "content/public/browser/render_view_host.h" #include "content/public/browser/render_widget_host_view.h" #include "content/public/browser/web_contents.h" #include "content/public/browser/web_contents_observer.h" #include "content/public/common/content_features.h" #include "content/public/common/content_switches.h" #include "content/public/test/back_forward_cache_util.h" #include "content/public/test/browser_test.h" #include "content/public/test/browser_test_utils.h" #include "content/public/test/content_browser_test_utils.h" #include "content/public/test/prerender_test_util.h" #include "content/public/test/test_utils.h" #include "content/public/test/url_loader_interceptor.h" #include "google_apis/gaia/gaia_switches.h" #include "net/base/filename_util.h" #include "net/dns/mock_host_resolver.h" #include "net/test/embedded_test_server/http_request.h" #include "net/test/embedded_test_server/http_response.h" #include "services/network/public/cpp/is_potentially_trustworthy.h" #include "testing/gmock/include/gmock/gmock.h" #include "third_party/blink/public/common/input/web_input_event.h" #include "third_party/blink/public/common/input/web_keyboard_event.h" #include "ui/events/keycodes/keyboard_codes.h" #include "ui/gfx/geometry/point.h" #if BUILDFLAG(ENABLE_DICE_SUPPORT) #include "chrome/browser/password_manager/password_manager_signin_intercept_test_helper.h" #include "chrome/browser/signin/dice_web_signin_interceptor.h" #include "chrome/browser/signin/identity_manager_factory.h" #include "components/signin/public/identity_manager/identity_manager.h" #include "components/signin/public/identity_manager/primary_account_mutator.h" #endif // BUIDLFLAG(ENABLE_DICE_SUPPORT) ParsingResult; CreateFieldPrediction; ASCIIToUTF16; Feature; _; ElementsAre; Field; Pair; SizeIs; namespace password_manager { namespace { class PasswordManagerBrowserTest : public PasswordManagerBrowserTestBase { … }; // A test fixture that injects an `ObservingAutofillClient` into newly created // tabs to allow waiting for an Autofill popup to open. class PasswordManagerAutofillPopupBrowserTest : public PasswordManagerBrowserTest { … }; // This fixture enables communication to the Autofill crowdsourcing server, but // denies any such requests. class PasswordManagerVotingBrowserTest : public PasswordManagerBrowserTest { … }; // Test class for testing password manager with the BackForwardCache feature // enabled. More info about the BackForwardCache, see: // http://doc/1YrBKX_eFMA9KoYof-eVThT35jcTqWcH_rRxYbR5RapU class PasswordManagerBackForwardCacheBrowserTest : public PasswordManagerBrowserTest { … }; class MockHttpAuthObserver : public password_manager::HttpAuthObserver { … }; GURL GetFileURL(const char* filename) { … } // Handles |request| to "/basic_auth". If "Authorization" header is present, // responds with a non-empty HTTP 200 page (regardless of its value). Otherwise // serves a Basic Auth challenge. std::unique_ptr<net::test_server::HttpResponse> HandleTestAuthRequest( const net::test_server::HttpRequest& request) { … } void TestPromptNotShown(const char* failure_message, content::WebContents* web_contents) { … } // Generate HTML for a simple password form with the specified action URL. std::string GeneratePasswordFormForAction(const GURL& action_url) { … } // Inject an about:blank frame with a password form that uses the specified // action URL into |web_contents|. void InjectBlankFrameWithPasswordForm(content::WebContents* web_contents, const GURL& action_url) { … } // Inject an iframe with a password form that uses the specified action URL into // |web_contents|. void InjectFrameWithPasswordForm(content::WebContents* web_contents, const GURL& action_url) { … } // Fills in a fake password and submits the form in |frame|, waiting for the // submit navigation to finish. |action_url| is the form action URL to wait // for. void SubmitInjectedPasswordForm(content::WebContents* web_contents, content::RenderFrameHost* frame, const GURL& action_url) { … } void SetUrlAsTrustworthy(const std::string& url) { … } // Actual tests --------------------------------------------------------------- IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PromptForNormalSubmit) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, NoPromptIfFormReappeared) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PromptIfChangePasswordFormReappearedEmpty) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, NoPromptIfFormReappearedWithPartsHidden) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, NoPromptIfFormReappearedInputOutsideFor) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, NoPromptAfterCredentialsAPIPasswordStore) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PromptForSubmitWithSameDocumentNavigation) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, LoginSuccessWithUnrelatedForm) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, LoginFailed) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PromptForSubmitUsingJavaScript) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PromptForDynamicForm) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, NoPromptForNavigation) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, NoPromptForSubFrameNavigation) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, NoPromptForSameFormWithDifferentAction) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, NoPromptForActionMutation) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, NoPromptForFormWithEnteredUsername) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PromptForDifferentFormWithEmptyAction) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PromptAfterSubmitWithSubFrameNavigation) { … } IN_PROC_BROWSER_TEST_F( PasswordManagerBrowserTest, NoPromptForFailedLoginFromMainFrameWithMultiFramesSameDocument) { … } IN_PROC_BROWSER_TEST_F( PasswordManagerBrowserTest, NoPromptForFailedLoginFromSubFrameWithMultiFramesSameDocument) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PromptForXHRSubmit) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PromptForXHRSubmitWithoutNavigation) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PromptForXHRSubmitWithoutNavigation_SignupForm) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, NoPromptForXHRSubmitWithoutNavigationWithUnfilledForm) { … } IN_PROC_BROWSER_TEST_F( PasswordManagerBrowserTest, NoPromptForXHRSubmitWithoutNavigationWithUnfilledForm_SignupForm) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PromptForFetchSubmit) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PromptForFetchSubmitWithoutNavigation) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PromptForFetchSubmitWithoutNavigation_SignupForm) { … } IN_PROC_BROWSER_TEST_F( PasswordManagerBrowserTest, NoPromptForFetchSubmitWithoutNavigationWithUnfilledForm) { … } IN_PROC_BROWSER_TEST_F( PasswordManagerBrowserTest, NoPromptForFetchSubmitWithoutNavigationWithUnfilledForm_SignupForm) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, NoPromptIfLinkClicked) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerVotingBrowserTest, VerifyPasswordGenerationUpload) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PromptForSubmitFromIframe) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PromptForInputElementWithoutName) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PromptForInputElementWithoutId) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PromptForInputElementWithoutIdAndName) { … } // Test for checking that no prompt is shown for URLs with file: scheme. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, NoPromptForFileSchemeURLs) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, NoPromptForLandingPageWithHTTPErrorStatusCode) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, DeleteFrameBeforeSubmit) { … } class PasswordManagerOverwritePlaceholderTest : public PasswordManagerBrowserTest { … }; // Tests that login page with prefilled credentials is overwritten if server // classified the placeholder value. IN_PROC_BROWSER_TEST_F(PasswordManagerOverwritePlaceholderTest, FillIfServerPredictionSaysUsernameIsPlaceholder) { … } // Tests that prefilled credentials were not overwritten since there is no // signal that the values are placeholders. IN_PROC_BROWSER_TEST_F(PasswordManagerOverwritePlaceholderTest, NonPlaceholderPasswordNotOverwritten) { … } // Tests that well-known placeholder values in the username field are // overwritten on page load. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, FillIfUsernameIsPlaceholder) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, UsernameAndPasswordValueAccessible) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PasswordValueAccessibleOnSubmit) { … } // Test fix for crbug.com/338650. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, DontPromptForPasswordFormWithDefaultValue) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, DontPromptForPasswordFormWithReadonlyPasswordField) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PromptWhenEnableAutomaticPasswordSavingSwitchIsNotSet) { … } // Test fix for crbug.com/368690. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, NoPromptWhenReloading) { … } // Test that if a form gets dynamically added between the form parsing and // rendering, and while the main frame still loads, it still is registered, and // thus saving passwords from it works. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, FormsAddedBetweenParsingAndRendering) { … } // Test that if a hidden form gets dynamically added between the form parsing // and rendering, it still is registered, and autofilling works. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, HiddenFormAddedBetweenParsingAndRendering) { … } // https://crbug.com/713645 // Navigate to a page that can't load some of the subresources. Create a hidden // form when the body is loaded. Make the form visible. Chrome should autofill // the form. // The fact that the form is hidden isn't super important but reproduces the // actual bug. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, SlowPageFill) { … } // Test that if there was no previous page load then the PasswordManagerDriver // does not think that there were SSL errors on the current page. The test opens // a new tab with a URL for which the embedded test server issues a basic auth // challenge. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, NoLastLoadGoodLastLoad) { … } // Fill out a form and click a button. The Javascript removes the form, creates // a similar one with another action, fills it out and submits. Chrome can // manage to detect the new one and create a complete matching // PasswordFormManager. Otherwise, the all-but-action matching PFM should be // used. Regardless of the internals the user sees the bubble in 100% cases. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PreferPasswordFormManagerWhichFinishedMatching) { … } // Tests whether a attempted submission of a malicious credentials gets blocked. // This simulates a case which is described in http://crbug.com/571580. IN_PROC_BROWSER_TEST_F( PasswordManagerBrowserTest, NoPromptForSeparateLoginFormWhenSwitchingFromHttpsToHttp) { … } // Tests that after HTTP -> HTTPS migration the credential is autofilled. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, HttpMigratedCredentialAutofilled) { … } // Tests that obsolete HTTP credentials are moved when a site migrated to HTTPS // and has HSTS enabled. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, ObsoleteHttpCredentialMovedOnMigrationToHstsSite) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PromptWhenPasswordFormWithoutUsernameFieldSubmitted) { … } // Test that if a form gets autofilled, then it gets autofilled on re-creation // as well. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, ReCreatedFormsGetFilled) { … } // Test that if the same dynamic form is created multiple times then all of them // are autofilled. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, DuplicateFormsGetFilled) { … } // Test that an autofilled credential is deleted then the password manager // doesn't try to resurrect it on navigation. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, DeletedPasswordIsNotRevived) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PromptForPushStateWhenFormDisappears) { … } // Similar to the case above, but this time the form persists after // 'history.pushState()'. And save password prompt should not show up // in this case. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, NoPromptForPushStateWhenFormPersists) { … } // The password manager should distinguish forms with empty actions. After // successful login, the login form disappears, but the another one shouldn't be // recognized as the login form. The save prompt should appear. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PromptForPushStateWhenFormWithEmptyActionDisappears) { … } // Similar to the case above, but this time the form persists after // 'history.pushState()'. The password manager should find the login form even // if the action of the form is empty. Save password prompt should not show up. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PromptForPushStateWhenFormWithEmptyActionPersists) { … } // Current and target URLs contain different parameters and references. This // test checks that parameters and references in origins are ignored for // form origin comparison. IN_PROC_BROWSER_TEST_F( PasswordManagerBrowserTest, PromptForPushStateWhenFormDisappears_ParametersInOrigins) { … } // Similar to the case above, but this time the form persists after // 'history.pushState()'. The password manager should find the login form even // if target and current URLs contain different parameters or references. // Save password prompt should not show up. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PromptForPushStateWhenFormPersists_ParametersInOrigins) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerAutofillPopupBrowserTest, InFrameNavigationDoesNotClearPopupState) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, ChangePwdFormBubbleShown) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, ChangePwdFormPushStateBubbleShown) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, NoPromptOnBack) { … } // Regression test for http://crbug.com/452306 IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, ChangingTextToPasswordFieldOnSignupForm) { … } // Regression test for http://crbug.com/451631 IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, SavingOnManyPasswordFieldsTest) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, SaveWhenIFrameDestroyedOnFormSubmit) { … } IN_PROC_BROWSER_TEST_F( PasswordManagerBrowserTest, IFrameDetachedRightAfterFormSubmission_UpdateBubbleShown) { … } // Check that a username and password are filled into forms in iframes // that don't share the security origin with the main frame, but have PSL // matched origins. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PSLMatchedCrossSiteFillTest) { … } // Check that a username and password are not filled in forms in iframes // that don't have PSL matched origins. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PSLUnMatchedCrossSiteFillTest) { … } // Check that a password form in an iframe of same origin will not be // filled in until user interact with the iframe. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, SameOriginIframeAutoFillTest) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, ChangePwdNoAccountStored) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, ChangePwd1AccountStored) { … } // This fixture disable autofill. If a password is autofilled, then all the // Javascript changes are discarded and test below would not be able to feed a // new password to the form. class PasswordManagerBrowserTestWithAutofillDisabled : public PasswordManagerBrowserTest { … }; IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTestWithAutofillDisabled, PasswordOverriddenUpdateBubbleShown) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PasswordNotOverriddenUpdateBubbleNotShown) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, MultiplePasswordsWithPasswordSelectionEnabled) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, ChangePwdWhenTheFormContainNotUsernameTextfield) { … } // Test whether the password form with the username and password fields having // ambiguity in id attribute gets autofilled correctly. IN_PROC_BROWSER_TEST_F( PasswordManagerBrowserTest, AutofillSuggestionsForPasswordFormWithAmbiguousIdAttribute) { … } // Test whether the password form having username and password fields without // name and id attribute gets autofilled correctly. IN_PROC_BROWSER_TEST_F( PasswordManagerBrowserTest, AutofillSuggestionsForPasswordFormWithoutNameOrIdAttribute) { … } // Test whether the change password form having username and password fields // without name and id attribute gets autofilled correctly. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, AutofillSuggestionsForChangePwdWithEmptyNames) { … } // Test whether the change password form having username and password fields // with empty names but having |autocomplete='current-password'| gets autofilled // correctly. IN_PROC_BROWSER_TEST_F( PasswordManagerBrowserTest, AutofillSuggestionsForChangePwdWithEmptyNamesAndAutocomplete) { … } // Test whether the change password form having username and password fields // with empty names but having only new password fields having // |autocomplete='new-password'| atrribute do not get autofilled. IN_PROC_BROWSER_TEST_F( PasswordManagerBrowserTest, AutofillSuggestionsForChangePwdWithEmptyNamesButOnlyNewPwdField) { … } // When there are multiple HttpAuthObservers (e.g., multiple HTTP auth dialogs // as in http://crbug.com/537823), ensure that credentials from PasswordStore // distributed to them are filtered by the realm. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, BasicAuthSeparateRealms) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, ProxyAuthFilling) { … } // Test whether the password form which is loaded as hidden is autofilled // correctly. This happens very often in situations when in order to sign-in the // user clicks a sign-in button and a hidden passsword form becomes visible. // This test differs from AutofillSuggestionsForProblematicPasswordForm in that // the form is hidden and in that test only some fields are hidden. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, AutofillSuggestionsHiddenPasswordForm) { … } // Test whether the password form with the problematic invisible password field // gets autofilled correctly. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, AutofillSuggestionsForProblematicPasswordForm) { … } // Test whether the password form with the problematic invisible password field // in ambiguous password form gets autofilled correctly. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, AutofillSuggestionsForProblematicAmbiguousPasswordForm) { … } // Check that the internals page contains logs from the renderer. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, DISABLED_InternalsPage_Renderer) { … } // Check that the internals page contains logs from the browser. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, InternalsPage_Browser) { … } // Tests that submitted credentials are saved on a password form without // username element when there are no stored credentials. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PasswordRetryFormSaveNoUsernameCredentials) { … } // Tests that no bubble shown when a password form without username submitted // and there is stored credentials with the same password. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PasswordRetryFormNoBubbleWhenPasswordTheSame) { … } // Tests that the update bubble shown when a password form without username is // submitted and there are stored credentials but with different password. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PasswordRetryFormUpdateBubbleShown) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, NoCrashWhenNavigatingWithOpenAccountPicker) { … } // Tests that the prompt to save the password is still shown if the fields have // the "autocomplete" attribute set off. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, PromptForSubmitWithAutocompleteOff) { … } IN_PROC_BROWSER_TEST_F( PasswordManagerBrowserTest, SkipZeroClickNotToggledAfterSuccessfulSubmissionWithAPI) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, SkipZeroClickNotToggledAfterSuccessfulAutofill) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, ReattachWebContents) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, FillWhenFormWithHiddenUsername) { … } // Harness for showing dialogs as part of the DialogBrowserTest suite. // Test params: // - bool popup_views_enabled: whether feature AutofillExpandedPopupViews // is enabled for testing. class PasswordManagerDialogBrowserTest : public SupportsTestDialog<PasswordManagerBrowserTestBase> { … }; IN_PROC_BROWSER_TEST_F(PasswordManagerDialogBrowserTest, InvokeUi_normal) { … } // Verify that password manager ignores passwords on forms injected into // about:blank frames. See https://crbug.com/756587. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, AboutBlankFramesAreIgnored) { … } // Verify that password manager ignores passwords on forms injected into // about:blank popups. See https://crbug.com/756587. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, AboutBlankPopupsAreIgnored) { … } // Verify that previously saved passwords for about:blank frames are not used // for autofill. See https://crbug.com/756587. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, ExistingAboutBlankPasswordsAreNotUsed) { … } // Verify that there is no renderer kill when filling out a password on a // subframe with a data: URL. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, NoRendererKillWithDataURLFrames) { … } // Verify that there is no renderer kill when filling out a password on a // blob: URL. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, NoRendererKillWithBlobURLFrames) { … } // Test that for HTTP auth (i.e., credentials not put through web forms) the // password manager works even though it should be disabled on the previous // page. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, CorrectEntryForHttpAuth) { … } // Test that if HTTP auth login (i.e., credentials not put through web forms) // succeeds, and there is a blocklisted entry with the HTML PasswordForm::Scheme // for that origin, then the bubble is shown. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, HTTPAuthRealmAfterHTMLBlocklistedIsNotBlocked) { … } // Test that if HTML login succeeds, and there is a blocklisted entry // with the HTTP auth PasswordForm::Scheme (i.e., credentials not put // through web forms) for that origin, then the bubble is shown. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, HTMLLoginAfterHTTPAuthBlocklistedIsNotBlocked) { … } // Tests that "blocklist site" feature works for the basic scenario. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, HTMLLoginAfterHTMLBlocklistedIsBlocklisted) { … } // This test emulates what was observed in https://crbug.com/856543: Imagine the // user stores a single username/password pair on origin A, and later submits a // username-less password-reset form on origin B. In the bug, A and B were // PSL-matches (different, but with the same eTLD+1), and Chrome ended up // overwriting the old password with the new one. This test checks that update // bubble is shown instead of silent update. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, NoSilentOverwriteOnPSLMatch) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, NoFillGaiaReauthenticationForm) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, NoFillGaiaWithSkipSavePasswordForm) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, FormDynamicallyChanged) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, ParserAnnotations) { … } // Test if |PasswordManager.FormVisited.PerProfileType| metrics are recorded as // expected. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, ProfileTypeMetricSubmission) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBackForwardCacheBrowserTest, SavePasswordOnRestoredPage) { … } // Test that if the credentials API is used, it makes the page ineligible for // caching in the BackForwardCache. // // See where BackForwardCache::DisableForRenderFrameHost is called in // chrome_password_manager_client.cc for explanation. IN_PROC_BROWSER_TEST_F(PasswordManagerBackForwardCacheBrowserTest, NotCachedIfCredentialsAPIUsed) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBackForwardCacheBrowserTest, CredentialsAPIOnlyCalledOnRestoredPage) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, DetectFormSubmissionOnIframe) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, ShowPasswordManagerNoBrowser) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTest, FormWithoutTextInputs) { … } #if BUILDFLAG(ENABLE_DICE_SUPPORT) // This test suite only applies to Gaia signin page, and checks that the // signin interception bubble and the password bubbles never conflict. class PasswordManagerBrowserTestWithSigninInterception : public PasswordManagerBrowserTest { … }; // Checks that password update suppresses signin interception. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTestWithSigninInterception, InterceptionBubbleSuppressedByPasswordUpdate) { … } // Checks that Gaia password can be saved when there is no interception. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTestWithSigninInterception, SaveGaiaPassword) { … } // Checks that signin interception suppresses password save, if the form is // processed before the signin completes. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTestWithSigninInterception, SavePasswordSuppressedBeforeSignin) { … } // Checks that signin interception suppresses password save, if the form is // processed after the signin completes. IN_PROC_BROWSER_TEST_F(PasswordManagerBrowserTestWithSigninInterception, SavePasswordSuppressedAfterSignin) { … } #endif // BUIDLFLAG(ENABLE_DICE_SUPPORT) // This is for checking that we don't make unexpected calls to the password // manager driver prior to activation and to permit checking that expected calls // do happen after activation. class MockPrerenderPasswordManagerDriver : public autofill::mojom::PasswordManagerDriverInterceptorForTesting { … }; class MockPrerenderPasswordManagerDriverInjector : public content::WebContentsObserver { … }; class PasswordManagerPrerenderBrowserTest : public PasswordManagerBrowserTest { … }; // Tests that the prerender doesn't proceed HTTP auth login and once the page // is loaded as the primary page the prompt is shown. As the page is // not loaded from the prerender, it also checks if it's not activated from the // prerender. IN_PROC_BROWSER_TEST_F(PasswordManagerPrerenderBrowserTest, ChromePasswordManagerClientInPrerender) { … } // Tests that saving password doesn't work in the prerendering. IN_PROC_BROWSER_TEST_F(PasswordManagerPrerenderBrowserTest, SavePasswordInPrerender) { … } // Tests that Mojo messages in prerendering are deferred from the render to // the PasswordManagerDriver until activation. IN_PROC_BROWSER_TEST_F(PasswordManagerPrerenderBrowserTest, MojoDeferringInPrerender) { … } /// Inject the mock driver when navigation happens in main frame. class MockPasswordManagerDriverInjector : public content::WebContentsObserver { … }; // Test class for testing password manager with CredentiallessIframe enabled. class PasswordManagerCredentiallessIframeTest : public PasswordManagerBrowserTest { … }; IN_PROC_BROWSER_TEST_F(PasswordManagerCredentiallessIframeTest, NoFormsSeen) { … } IN_PROC_BROWSER_TEST_F(PasswordManagerCredentiallessIframeTest, DisablePasswordManagerOnCredentiallessIframe) { … } } // namespace } // namespace password_manager
Codebase Browser
chromium