[Passwords] Add possibility to disable TTF for HTTPS

This change adds a check to TouchToFillController that allows
disabling Touch To Fill for secure frames. This check queries
a Field Trial Parameter which can be set on the server side.

Bug: 1014042
Change-Id: I0ef9cf016b9057a8c2c3e97fbe356d7e49ffd28d
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1863932Reviewed-by: Friedrich [CET] <fhorschig@chromium.org>
Commit-Queue: Jan Wilken Dörrie <jdoerrie@chromium.org>
Cr-Commit-Position: refs/heads/master@{#706958}

chrome/browser/password_manager/touch_to_fill_controller.cc

@@ -7,8 +7,10 @@
 #include <utility>
 
 #include "base/logging.h"
+#include "base/metrics/field_trial_params.h"
 #include "chrome/browser/password_manager/chrome_password_manager_client.h"
 #include "chrome/browser/touch_to_fill/touch_to_fill_view.h"
+#include "components/autofill/core/common/autofill_features.h"
 #include "components/favicon/core/favicon_service.h"
 #include "components/password_manager/core/browser/android_affiliation/affiliation_utils.h"
 #include "components/password_manager/core/browser/origin_credential_store.h"
@@ -41,18 +43,27 @@ TouchToFillController::~TouchToFillController() = default;
 
 void TouchToFillController::Show(base::span<const CredentialPair> credentials,
                                  base::WeakPtr<PasswordManagerDriver> driver) {
+  // Disable Touch To Fill for secure origins if specified by the server.
+  const GURL& url = driver->GetLastCommittedURL();
+  const TouchToFillView::IsOriginSecure is_origin_secure(
+      network::IsUrlPotentiallyTrustworthy(url));
+  if (base::GetFieldTrialParamByFeatureAsBool(
+          autofill::features::kTouchToFillAndroid, "insecure-origins-only",
+          /*default_value=*/false) &&
+      is_origin_secure) {
+    driver->TouchToFillDismissed();
+    return;
+  }
+
   DCHECK(!driver_ || driver_.get() == driver.get());
   driver_ = std::move(driver);
 
   if (!view_)
     view_ = TouchToFillViewFactory::Create(this);
 
-  const GURL& url = driver_->GetLastCommittedURL();
   view_->Show(url_formatter::FormatUrlForSecurityDisplay(
                   url, url_formatter::SchemeDisplay::OMIT_HTTP_AND_HTTPS),
-              TouchToFillView::IsOriginSecure(
-                  network::IsUrlPotentiallyTrustworthy(url)),
-              credentials);
+              is_origin_secure, credentials);
 }
 
 void TouchToFillController::OnCredentialSelected(

chrome/browser/password_manager/touch_to_fill_controller_unittest.cc

@@ -9,6 +9,8 @@
 
 #include "base/strings/utf_string_conversions.h"
 #include "base/test/metrics/histogram_tester.h"
+#include "base/test/scoped_feature_list.h"
+#include "components/autofill/core/common/autofill_features.h"
 #include "components/password_manager/core/browser/origin_credential_store.h"
 #include "components/password_manager/core/browser/stub_password_manager_driver.h"
 #include "testing/gmock/include/gmock/gmock.h"
@@ -141,3 +143,16 @@ TEST_F(TouchToFillControllerTest, Dismiss) {
   EXPECT_CALL(driver(), TouchToFillDismissed);
   touch_to_fill_controller().OnDismiss();
 }
+
+TEST_F(TouchToFillControllerTest, CanDisableOnHttps) {
+  base::test::ScopedFeatureList scoped_feature_list;
+  scoped_feature_list.InitAndEnableFeatureWithParameters(
+      autofill::features::kTouchToFillAndroid,
+      {
+          {"insecure-origins-only", "true"},
+      });
+
+  EXPECT_CALL(driver(), TouchToFillDismissed);
+  EXPECT_CALL(view(), Show).Times(0);
+  touch_to_fill_controller().Show({}, driver().AsWeakPtr());
+}