[ios] Added pre-check of field validity in manual fallback

So the user doesn’t unlock a card through CVC just to be told that it cannot be injected in current field.

Bug: 908789
Change-Id: Ie255d36f794c94d90b0fd1e01bf80d608ef757f6
Reviewed-on: https://chromium-review.googlesource.com/c/1352759
Commit-Queue: David Jean <djean@chromium.org>
Reviewed-by: Javier Ernesto Flores Robles <javierrobles@chromium.org>
Cr-Commit-Position: refs/heads/master@{#611678}

ios/chrome/browser/ui/autofill/manual_fill/card_mediator.mm

@@ -137,7 +137,7 @@ NSString* const ManageCardsAccessibilityIdentifier =
   // Don't replace the locked card with the unlocked one, so the user will
   // have to unlock it again, if needed.
   [self.contentDelegate userDidPickContent:manualFillCreditCard.number
-                           isPasswordField:NO
+                             passwordField:NO
                              requiresHTTPS:YES];
 }
 

ios/chrome/browser/ui/autofill/manual_fill/manual_fill_address_cell.mm

@@ -492,7 +492,7 @@
   base::RecordAction(base::UserMetricsAction(metricsAction));
 
   [self.delegate userDidPickContent:sender.titleLabel.text
-                    isPasswordField:NO
+                      passwordField:NO
                       requiresHTTPS:NO];
 }
 

ios/chrome/browser/ui/autofill/manual_fill/manual_fill_card_cell.mm

@@ -202,14 +202,18 @@
 }
 
 - (void)userDidTapCardNumber:(UIButton*)sender {
+  NSString* number = self.card.number;
+  if (![self.contentDelegate canUserInjectInPasswordField:NO
+                                            requiresHTTPS:YES]) {
+    return;
+  }
   base::RecordAction(
       base::UserMetricsAction("ManualFallback_CreditCard_SelectCardNumber"));
-  NSString* number = self.card.number;
   if (!number.length) {
     [self.navigationDelegate requestFullCreditCard:self.card];
   } else {
     [self.contentDelegate userDidPickContent:number
-                             isPasswordField:NO
+                               passwordField:NO
                                requiresHTTPS:YES];
   }
 }
@@ -227,7 +231,7 @@
   base::RecordAction(base::UserMetricsAction(metricsAction));
 
   [self.contentDelegate userDidPickContent:sender.titleLabel.text
-                           isPasswordField:NO
+                             passwordField:NO
                              requiresHTTPS:NO];
 }
 

ios/chrome/browser/ui/autofill/manual_fill/manual_fill_content_delegate.h

@@ -11,16 +11,26 @@
 // state.
 @protocol ManualFillContentDelegate<NSObject>
 
+// Must be called before |userDidPickContent| to validate if a value type can be
+// injected, if either flag is true. If not, an alert is given to the user and
+// NO is returned.
+// @param passwordField YES if the user selected content that requires a
+// password field to be injected.
+// @param requiresHTTPS YES if the user selected a field, that requires an HTTPS
+// context to be injected.
+- (BOOL)canUserInjectInPasswordField:(BOOL)passwordField
+                       requiresHTTPS:(BOOL)requiresHTTPS;
+
 // Called after the user selects an element to be used as the input for the
 // current form field.
 //
 // @param content The selected string.
-// @param isPasswordField YES if the user selected content that requires a
+// @param passwordField YES if the user selected content that requires a
 // password field to be injected.
 // @param requiresHTTPS YES if the user selected a field, that requires an HTTPS
 // context to be injected.
 - (void)userDidPickContent:(NSString*)content
-           isPasswordField:(BOOL)isPasswordField
+             passwordField:(BOOL)passwordField
              requiresHTTPS:(BOOL)requiresHTTPS;
 
 @end

ios/chrome/browser/ui/autofill/manual_fill/manual_fill_injection_handler.mm

@@ -94,22 +94,30 @@ const int64_t kJavaScriptExecutionTimeoutInSeconds = 1;
 
 #pragma mark - ManualFillContentDelegate
 
-- (void)userDidPickContent:(NSString*)content
-           isPasswordField:(BOOL)isPasswordField
-             requiresHTTPS:(BOOL)requiresHTTPS {
-  if (isPasswordField && ![self isLastFocusedElementPasswordField]) {
+- (BOOL)canUserInjectInPasswordField:(BOOL)passwordField
+                       requiresHTTPS:(BOOL)requiresHTTPS {
+  if (passwordField && ![self isLastFocusedElementPasswordField]) {
     NSString* alertBody = l10n_util::GetNSString(
         IDS_IOS_MANUAL_FALLBACK_NOT_SECURE_PASSWORD_BODY);
     [self.alertPresenter presentSecurityWarningAlertWithText:alertBody];
-    return;
+    return NO;
   }
   if (requiresHTTPS && ![self isLastFocusedElementSecure]) {
     NSString* alertBody =
         l10n_util::GetNSString(IDS_IOS_MANUAL_FALLBACK_NOT_SECURE_GENERIC_BODY);
     [self.alertPresenter presentSecurityWarningAlertWithText:alertBody];
-    return;
+    return NO;
+  }
+  return YES;
+}
+
+- (void)userDidPickContent:(NSString*)content
+             passwordField:(BOOL)passwordField
+             requiresHTTPS:(BOOL)requiresHTTPS {
+  if ([self canUserInjectInPasswordField:passwordField
+                           requiresHTTPS:requiresHTTPS]) {
+    [self fillLastSelectedFieldWithString:content];
   }
-  [self fillLastSelectedFieldWithString:content];
 }
 
 #pragma mark - FormActivityObserver

ios/chrome/browser/ui/autofill/manual_fill/manual_fill_password_cell.mm

@@ -235,15 +235,18 @@ static const CGFloat NoMultiplier = 1.0;
   base::RecordAction(
       base::UserMetricsAction("ManualFallback_Password_SelectUsername"));
   [self.delegate userDidPickContent:self.manualFillCredential.username
-                    isPasswordField:NO
+                      passwordField:NO
                       requiresHTTPS:NO];
 }
 
 - (void)userDidTapPasswordButton:(UIButton*)button {
+  if (![self.delegate canUserInjectInPasswordField:YES requiresHTTPS:YES]) {
+    return;
+  }
   base::RecordAction(
       base::UserMetricsAction("ManualFallback_Password_SelectPassword"));
   [self.delegate userDidPickContent:self.manualFillCredential.password
-                    isPasswordField:YES
+                      passwordField:YES
                       requiresHTTPS:YES];
 }
 

ios/chrome/browser/ui/autofill/manual_fill/password_mediator.mm

@@ -255,12 +255,18 @@ BOOL AreCredentialsAtIndexesConnected(
 
 #pragma mark - ManualFillContentDelegate
 
+- (BOOL)canUserInjectInPasswordField:(BOOL)passwordField
+                       requiresHTTPS:(BOOL)requiresHTTPS {
+  return [self.contentDelegate canUserInjectInPasswordField:passwordField
+                                              requiresHTTPS:requiresHTTPS];
+}
+
 - (void)userDidPickContent:(NSString*)content
-           isPasswordField:(BOOL)isPasswordField
+             passwordField:(BOOL)passwordField
              requiresHTTPS:(BOOL)requiresHTTPS {
   [self.navigationDelegate dismissPresentedViewController];
   [self.contentDelegate userDidPickContent:content
-                           isPasswordField:isPasswordField
+                             passwordField:passwordField
                              requiresHTTPS:requiresHTTPS];
 }