Merge pull request #1407 from bitwarden/tighten-autofill-non-password

beefed up restrictions on what is considered isLikePassword
2024-07-05 12:04:54 +02:00 · 2020-09-28 18:19:59 -04:00 · 2020-09-28 18:19:59 -04:00 · 1375b422c7
commit 1375b422c7
parent 88e9cc6944 64dd14ffc5
1 changed files with 8 additions and 6 deletions
--- a/src/services/autofill.service.ts
+++ b/src/services/autofill.service.ts
@ -903,16 +903,18 @@ export default class AutofillService implements AutofillServiceInterface {
                if (value == null) {
                    return false;
                }
-                const lowerValue = value.toLowerCase();
-                if (lowerValue.indexOf('onetimepassword') >= 0) {
+                // Removes all whitespace, _ and - characters
+                const cleanedValue = value.toLowerCase().replace(/[\s_\-]/g, '');
+
+                if (cleanedValue.indexOf('password') < 0) {
                    return false;
                }
-                if (lowerValue.indexOf('password') < 0) {
-                    return false;
-                }
-                if (lowerValue.indexOf('captcha') >= 0) {
+
+                const ignoreList = ['onetimepassword', 'captcha', 'findanything'];
+                if (ignoreList.some((i) => cleanedValue.indexOf(i) > -1)) {
                    return false;
                }
+
                return true;
            };
            const isLikePassword = () => {