mirror of https://github.com/bitwarden/browser.git synced 2024-12-29 17:38:04 +01:00

limit input types on autofill query

Kyle Spearrin 2017-10-03 16:11:11 -04:00
parent c6e5bd3b5f
commit 79deb5633a


@ -34,7 +34,7 @@
1. Populate isFirefox 1. Populate isFirefox
2. Remove isChrome and isSafari since they are not used. 2. Remove isChrome and isSafari since they are not used.
3. Unminify and format to meet Mozilla review requirements. 3. Unminify and format to meet Mozilla review requirements.
4. Remove button from getFormElements query selector 4. Remove button and limit input types from getFormElements query selector
*/ */
function collect(document, undefined) { function collect(document, undefined) {
@ -61,7 +61,7 @@
// has the element been fake tested? // has the element been fake tested?
function checkIfFakeTested(field, el) { function checkIfFakeTested(field, el) {
if (-1 === ['text', 'password'].indexOf(el.type.toLowerCase()) || if (-1 === ['text', 'password'].indexOf(el.type.toLowerCase()) ||
!(passwordRegEx.test(field.value) || !(passwordRegEx.test(field.value) ||
passwordRegEx.test(field.htmlID) || passwordRegEx.test(field.htmlName) || passwordRegEx.test(field.htmlID) || passwordRegEx.test(field.htmlName) ||
passwordRegEx.test(field.placeholder) || passwordRegEx.test(field['label-tag']) || passwordRegEx.test(field.placeholder) || passwordRegEx.test(field['label-tag']) ||
passwordRegEx.test(field['label-data']) || passwordRegEx.test(field['label-aria']))) { passwordRegEx.test(field['label-data']) || passwordRegEx.test(field['label-aria']))) {
@ -108,8 +108,8 @@
var options = Array.prototype.slice.call(el.options).map(function (option) { var options = Array.prototype.slice.call(el.options).map(function (option) {
var optionText = option.text ? var optionText = option.text ?
toLowerString(option.text).replace(/\\s/gm, '').replace(/[~`!@$%^&*()\\-_+=:;'\"\\[\\]|\\\\,<.>\\?]/gm, '') : toLowerString(option.text).replace(/\\s/gm, '').replace(/[~`!@$%^&*()\\-_+=:;'\"\\[\\]|\\\\,<.>\\?]/gm, '') :
null; null;
return [optionText ? optionText : null, option.value]; return [optionText ? optionText : null, option.value];
}) })
@ -122,7 +122,7 @@
// get the top label // get the top label
function getLabelTop(el) { function getLabelTop(el) {
var parent; var parent;
for (el = el.parentElement || el.parentNode; el && 'td' != toLowerString(el.tagName) ;) { for (el = el.parentElement || el.parentNode; el && 'td' != toLowerString(el.tagName);) {
el = el.parentElement || el.parentNode; el = el.parentElement || el.parentNode;
} }
@ -385,8 +385,8 @@
function doEventOnElement(kedol, fonor) { function doEventOnElement(kedol, fonor) {
var quebo; var quebo;
isFirefox ? (quebo = document.createEvent('KeyboardEvent'), quebo.initKeyEvent(fonor, true, false, null, false, false, false, false, 0, 0)) : (quebo = kedol.ownerDocument.createEvent('Events'), isFirefox ? (quebo = document.createEvent('KeyboardEvent'), quebo.initKeyEvent(fonor, true, false, null, false, false, false, false, 0, 0)) : (quebo = kedol.ownerDocument.createEvent('Events'),
quebo.initEvent(fonor, true, false), quebo.charCode = 0, quebo.keyCode = 0, quebo.which = 0, quebo.initEvent(fonor, true, false), quebo.charCode = 0, quebo.keyCode = 0, quebo.which = 0,
quebo.srcElement = kedol, quebo.target = kedol); quebo.srcElement = kedol, quebo.target = kedol);
return quebo; return quebo;
} }
@ -432,7 +432,7 @@
function shiftForLeftLabel(el, arr, steps) { function shiftForLeftLabel(el, arr, steps) {
var sib; var sib;
for (steps || (steps = 0) ; el && el.previousSibling;) { for (steps || (steps = 0); el && el.previousSibling;) {
el = el.previousSibling; el = el.previousSibling;
if (isKnownTag(el)) { if (isKnownTag(el)) {
return; return;
@ -509,7 +509,7 @@
} }
// walk the tree // walk the tree
for (var pointEl = el.ownerDocument.elementFromPoint(leftOffset + (rect.right > window.innerWidth ? (window.innerWidth - leftOffset) / 2 : rect.width / 2), topOffset + (rect.bottom > window.innerHeight ? (window.innerHeight - topOffset) / 2 : rect.height / 2)) ; pointEl && pointEl !== el && pointEl !== document;) { for (var pointEl = el.ownerDocument.elementFromPoint(leftOffset + (rect.right > window.innerWidth ? (window.innerWidth - leftOffset) / 2 : rect.width / 2), topOffset + (rect.bottom > window.innerHeight ? (window.innerHeight - topOffset) / 2 : rect.height / 2)); pointEl && pointEl !== el && pointEl !== document;) {
if (pointEl.tagName && 'string' === typeof pointEl.tagName && 'label' === pointEl.tagName.toLowerCase() if (pointEl.tagName && 'string' === typeof pointEl.tagName && 'label' === pointEl.tagName.toLowerCase()
&& el.labels && 0 < el.labels.length) { && el.labels && 0 < el.labels.length) {
return 0 <= Array.prototype.slice.call(el.labels).indexOf(pointEl); return 0 <= Array.prototype.slice.call(el.labels).indexOf(pointEl);
@ -551,7 +551,8 @@
function getFormElements(theDoc) { function getFormElements(theDoc) {
var els = []; var els = [];
try { try {
els = theDoc.querySelectorAll('input, select'); els = theDoc.querySelectorAll('input:not([type="hidden"]):not([type="submit"]):not([type="reset"])' +
':not([type="button"]):not([type="image"]):not([type="file"]), select');
} catch (e) { } } catch (e) { }
return els; return els;
} }
@ -587,8 +588,8 @@
} }
return 0 === savedURL.indexOf('https://') && 'http:' === document.location.protocol && (passwordInputs = document.querySelectorAll('input[type=password]'), return 0 === savedURL.indexOf('https://') && 'http:' === document.location.protocol && (passwordInputs = document.querySelectorAll('input[type=password]'),
0 < passwordInputs.length && (confirmResult = confirm('Warning: This is an unsecured HTTP page, and any information you submit can potentially be seen and changed by others. This Login was originally saved on a secure (HTTPS) page.\\n\\nDo you still wish to fill this login?'), 0 < passwordInputs.length && (confirmResult = confirm('Warning: This is an unsecured HTTP page, and any information you submit can potentially be seen and changed by others. This Login was originally saved on a secure (HTTPS) page.\\n\\nDo you still wish to fill this login?'),
0 == confirmResult)) ? true : false; 0 == confirmResult)) ? true : false;
} }
function doFill(fillScript) { function doFill(fillScript) {
@ -600,8 +601,8 @@
operationsToDo = []; operationsToDo = [];
fillScriptProperties && fillScriptProperties &&
fillScriptProperties.delay_between_operations && fillScriptProperties.delay_between_operations &&
(operationDelayMs = fillScriptProperties.delay_between_operations); (operationDelayMs = fillScriptProperties.delay_between_operations);
if (urlNotSecure(fillScript.savedURL)) { if (urlNotSecure(fillScript.savedURL)) {
return; return;
@ -633,7 +634,7 @@
if (fillScriptOps = fillScript.options) { if (fillScriptOps = fillScript.options) {
fillScriptOps.hasOwnProperty('animate') && (animateTheFilling = fillScriptOps.animate), fillScriptOps.hasOwnProperty('animate') && (animateTheFilling = fillScriptOps.animate),
fillScriptOps.hasOwnProperty('markFilling') && (markTheFilling = fillScriptOps.markFilling); fillScriptOps.hasOwnProperty('markFilling') && (markTheFilling = fillScriptOps.markFilling);
} }
// don't mark a password filling // don't mark a password filling
@ -688,7 +689,7 @@
} else { } else {
if ('[object Array]' === Object.prototype.toString.call(op)) { if ('[object Array]' === Object.prototype.toString.call(op)) {
thisOperation = op[0], thisOperation = op[0],
op = op.splice(1); op = op.splice(1);
} else { } else {
return null; return null;
} }
@ -726,7 +727,7 @@
var el = getElementByOpId(opId) var el = getElementByOpId(opId)
if (el) { if (el) {
'function' === typeof el.click && el.click(), 'function' === typeof el.click && el.click(),
'function' === typeof el.focus && doFocusElement(el, true); 'function' === typeof el.focus && doFocusElement(el, true);
} }
return null; return null;
@ -756,7 +757,7 @@
yes: true, yes: true,
'✓': true '✓': true
}, },
styleTimeout = 200; styleTimeout = 200;
// fill an element // fill an element
function fillTheElement(el, op) { function fillTheElement(el, op) {
@ -787,9 +788,9 @@
afterValSetFunc(el); afterValSetFunc(el);
setValueForElementByEvent(el); setValueForElementByEvent(el);
canSeeElementToStyle(el) && (el.className += ' com-agilebits-onepassword-extension-animated-fill', canSeeElementToStyle(el) && (el.className += ' com-agilebits-onepassword-extension-animated-fill',
setTimeout(function () { setTimeout(function () {
el && el.className && (el.className = el.className.replace(/(\\s)?com-agilebits-onepassword-extension-animated-fill/, '')); el && el.className && (el.className = el.className.replace(/(\\s)?com-agilebits-onepassword-extension-animated-fill/, ''));
}, styleTimeout)); }, styleTimeout));
} }
document.elementForOPID = getElementByOpId; document.elementForOPID = getElementByOpId;
@ -914,7 +915,7 @@
}); });
if (0 < filteredElements.length) { if (0 < filteredElements.length) {
theElement = filteredElements[0], theElement = filteredElements[0],
1 < filteredElements.length && console.warn('More than one element found with opid ' + theOpId); 1 < filteredElements.length && console.warn('More than one element found with opid ' + theOpId);
} else { } else {
var elIndex = parseInt(theOpId.split('__')[1], 10); var elIndex = parseInt(theOpId.split('__')[1], 10);
isNaN(elIndex) || (theElement = elements[elIndex]); isNaN(elIndex) || (theElement = elements[elIndex]);
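Review bot: The new selector in getFormElements is a denylist keyed only on the `type` attribute, so an input that a page hides with CSS or moves off-screen is still collected. Whether a later visibility check covers that case before a fill happens is not visible in this section. The exclusions are also unexplained at the call site; I would add above the query `// Collect only controls a user types into or chooses from; hidden, submit, reset, button, image and file inputs are never fill targets.` The surrounding `catch (e) { }` is empty, so a typo in this longer, concatenated selector string would make the function return an empty list with no signal. `catch (e) { console.warn('getFormElements query failed', e); }` would surface it, matching the console.warn already used in the opid lookup.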