[WebView Autofill] Require secure context to query suggestion.

- Add flag to indicate whether secure context is required in autofill_agent. - Set flag for WebView autofill. BUG=741809 Change-Id: Ibd3e896cfc96f0498fb47a2fb59cc52be6a25feb Reviewed-on: https://chromium-review.googlesource.com/568406Reviewed-by: Roger McFarlane <rogerm@chromium.org> Reviewed-by: Selim Gurun <sgurun@chromium.org> Reviewed-by: Emily Stark <estark@chromium.org> Commit-Queue: Selim Gurun <sgurun@chromium.org> Cr-Commit-Position: refs/heads/master@{#487100}

[WebView Autofill] Require secure context to query suggestion.
- Add flag to indicate whether secure context is required in autofill_agent. - Set flag for WebView autofill. BUG=741809 Change-Id: Ibd3e896cfc96f0498fb47a2fb59cc52be6a25feb Reviewed-on: https://chromium-review.googlesource.com/568406Reviewed-by: Roger McFarlane <rogerm@chromium.org> Reviewed-by: Selim Gurun <sgurun@chromium.org> Reviewed-by: Emily Stark <estark@chromium.org> Commit-Queue: Selim Gurun <sgurun@chromium.org> Cr-Commit-Position: refs/heads/master@{#487100}
88d56d4a · Tao Bai · Commit Bot · 92e87bfc · 88d56d4a · 88d56d4a
Commit 88d56d4a authored Jul 17, 2017 by Tao Bai Committed by Commit Bot Jul 17, 2017
5 changed files
--- a/components/autofill/content/browser/content_autofill_driver.cc
+++ b/components/autofill/content/browser/content_autofill_driver.cc
@@ -44,6 +44,7 @@ ContentAutofillDriver::ContentAutofillDriver(
  if (provider) {
    autofill_handler_ = base::MakeUnique<AutofillHandlerProxy>(this, provider);
    GetAutofillAgent()->SetUserGestureRequired(false);
+    GetAutofillAgent()->SetSecureContextRequired(true);
  } else {
    autofill_handler_ = base::MakeUnique<AutofillManager>(
        this, client, app_locale, enable_download_manager);

--- a/components/autofill/content/browser/content_autofill_driver_unittest.cc
+++ b/components/autofill/content/browser/content_autofill_driver_unittest.cc
@@ -203,6 +203,8 @@ class FakeAutofillAgent : public mojom::AutofillAgent {

  void SetUserGestureRequired(bool required) override {}

+  void SetSecureContextRequired(bool required) override {}
+
  mojo::BindingSet<mojom::AutofillAgent> bindings_;

  base::Closure quit_closure_;

--- a/components/autofill/content/common/autofill_agent.mojom
+++ b/components/autofill/content/common/autofill_agent.mojom
@@ -60,6 +60,10 @@ interface AutofillAgent {
  // autofill service with the user's consent, so the gesture check is
  // redundant there anyway.
  SetUserGestureRequired(bool required);
+
+  // Configures the render to require, or not, the secure context to query
+  // autofill suggestion, the default is false.
+  SetSecureContextRequired(bool required);
 };

 // There is one instance of this interface per render frame in the render

--- a/components/autofill/content/renderer/autofill_agent.cc
+++ b/components/autofill/content/renderer/autofill_agent.cc
@@ -37,6 +37,7 @@
 #include "components/autofill/core/common/password_form_fill_data.h"
 #include "components/autofill/core/common/save_password_progress_logger.h"
 #include "content/public/common/content_switches.h"
+#include "content/public/common/origin_util.h"
 #include "content/public/common/url_constants.h"
 #include "content/public/renderer/render_frame.h"
 #include "content/public/renderer/render_view.h"
@@ -153,6 +154,7 @@ AutofillAgent::AutofillAgent(content::RenderFrame* render_frame,
      is_popup_possibly_visible_(false),
      is_generation_popup_possibly_visible_(false),
      is_user_gesture_required_(true),
+      is_secure_context_required_(false),
      page_click_tracker_(new PageClickTracker(render_frame, this)),
      binding_(this),
      weak_ptr_factory_(this) {
@@ -671,6 +673,10 @@ void AutofillAgent::ShowSuggestions(const WebFormControlElement& element,
  QueryAutofillSuggestions(element);
 }

+void AutofillAgent::SetSecureContextRequired(bool required) {
+  is_secure_context_required_ = required;
+}
+
 void AutofillAgent::QueryAutofillSuggestions(
    const WebFormControlElement& element) {
  if (!element.GetDocument().GetFrame())
@@ -691,6 +697,15 @@ void AutofillAgent::QueryAutofillSuggestions(
                                     &field);
  }

+  if (is_secure_context_required_ &&
+      !(element.GetDocument().IsSecureContext() &&
+        content::IsOriginSecure(form.action))) {
+    LOG(WARNING) << "Autofill suggestions are disabled because the document "
+                    "isn't a secure context or the form's action attribute "
+                    "isn't secure.";
+    return;
+  }
+
  std::vector<base::string16> data_list_values;
  std::vector<base::string16> data_list_labels;
  const WebInputElement* input_element = ToWebInputElement(&element);

--- a/components/autofill/content/renderer/autofill_agent.h
+++ b/components/autofill/content/renderer/autofill_agent.h
@@ -84,6 +84,7 @@ class AutofillAgent : public content::RenderFrameObserver,
      int32_t key,
      const PasswordFormFillData& form_data) override;
  void SetUserGestureRequired(bool required) override;
+  void SetSecureContextRequired(bool required) override;

  void ShowNotSecureWarning(const blink::WebInputElement& element);

@@ -283,6 +284,10 @@ class AutofillAgent : public content::RenderFrameObserver,
  // field change. Default to true.
  bool is_user_gesture_required_;

+  // Whether or not the secure context is required to query autofill suggestion.
+  // Default to false.
+  bool is_secure_context_required_;
+
  std::unique_ptr<PageClickTracker> page_click_tracker_;

  mojo::Binding<mojom::AutofillAgent> binding_;