mirror of
https://github.com/bitwarden/browser.git
synced 2024-12-21 16:18:28 +01:00
[PM-13188] Update auto-submit to act on uri hash instead of query param (#11416)
This commit is contained in:
parent
dc91a3eed7
commit
b6ea6075b3
@ -42,7 +42,7 @@ describe("AutoSubmitLoginBackground", () => {
|
||||
const validIpdUrl1 = "https://example.com";
|
||||
const validIpdUrl2 = "https://subdomain.example3.com";
|
||||
const validAutoSubmitHost = "some-valid-url.com";
|
||||
const validAutoSubmitUrl = `https://${validAutoSubmitHost}/?autofill=1`;
|
||||
const validAutoSubmitUrl = `https://${validAutoSubmitHost}/#autosubmit=1`;
|
||||
|
||||
beforeEach(() => {
|
||||
logService = mock<LogService>();
|
||||
@ -122,7 +122,7 @@ describe("AutoSubmitLoginBackground", () => {
|
||||
await autoSubmitLoginBackground.init();
|
||||
});
|
||||
|
||||
it("sets up the auto-submit workflow when the web request occurs in the main frame and the destination URL contains a valid auto-fill param", () => {
|
||||
it("sets up the auto-submit workflow when the web request occurs in the main frame and the destination URL contains a valid auto-fill hash", () => {
|
||||
triggerWebRequestOnBeforeRequestEvent(webRequestDetails);
|
||||
|
||||
expect(autoSubmitLoginBackground["currentAutoSubmitHostData"]).toStrictEqual({
|
||||
@ -226,7 +226,7 @@ describe("AutoSubmitLoginBackground", () => {
|
||||
|
||||
it("disables the auto-submit workflow if a web request is initiated after the auto-submit route has been visited", () => {
|
||||
webRequestDetails.url = `https://${validAutoSubmitHost}`;
|
||||
webRequestDetails.initiator = `https://${validAutoSubmitHost}?autofill=1`;
|
||||
webRequestDetails.initiator = `https://${validAutoSubmitHost}#autosubmit=1`;
|
||||
|
||||
triggerWebRequestOnBeforeRequestEvent(webRequestDetails);
|
||||
|
||||
|
@ -234,7 +234,7 @@ export class AutoSubmitLoginBackground implements AutoSubmitLoginBackgroundAbstr
|
||||
) => {
|
||||
if (
|
||||
details.tabId === this.currentAutoSubmitHostData.tabId &&
|
||||
this.urlContainsAutoFillParam(details.url)
|
||||
this.urlContainsAutoSubmitHash(details.url)
|
||||
) {
|
||||
this.injectAutoSubmitLoginScript(details.tabId).catch((error) =>
|
||||
this.logService.error(error),
|
||||
@ -277,7 +277,7 @@ export class AutoSubmitLoginBackground implements AutoSubmitLoginBackgroundAbstr
|
||||
private handleWebRequestOnBeforeRedirect = (
|
||||
details: chrome.webRequest.WebRedirectionResponseDetails,
|
||||
) => {
|
||||
if (this.isRequestInMainFrame(details) && this.urlContainsAutoFillParam(details.redirectUrl)) {
|
||||
if (this.isRequestInMainFrame(details) && this.urlContainsAutoSubmitHash(details.redirectUrl)) {
|
||||
this.validAutoSubmitHosts.add(this.getUrlHost(details.redirectUrl));
|
||||
this.validAutoSubmitHosts.add(this.getUrlHost(details.url));
|
||||
}
|
||||
@ -369,7 +369,7 @@ export class AutoSubmitLoginBackground implements AutoSubmitLoginBackgroundAbstr
|
||||
|
||||
/**
|
||||
* Determines if the provided URL is a valid auto-submit host. If the request is occurring
|
||||
* in the main frame, we will check for the presence of the `autofill=1` query parameter.
|
||||
* in the main frame, we will check for the presence of the `autosubmit=1` uri hash.
|
||||
* If the request is occurring in a sub frame, the main frame URL should be set as a
|
||||
* valid auto-submit host and can be used to validate the request.
|
||||
*
|
||||
@ -382,7 +382,7 @@ export class AutoSubmitLoginBackground implements AutoSubmitLoginBackgroundAbstr
|
||||
) => {
|
||||
if (this.isRequestInMainFrame(details)) {
|
||||
return !!(
|
||||
this.urlContainsAutoFillParam(details.url) ||
|
||||
this.urlContainsAutoSubmitHash(details.url) ||
|
||||
this.triggerAutoSubmitAfterRedirectOnSafari(details.url)
|
||||
);
|
||||
}
|
||||
@ -391,14 +391,14 @@ export class AutoSubmitLoginBackground implements AutoSubmitLoginBackgroundAbstr
|
||||
};
|
||||
|
||||
/**
|
||||
* Determines if the provided URL contains the `autofill=1` query parameter.
|
||||
* Determines if the provided URL contains the `autosubmit=1` uri hash.
|
||||
*
|
||||
* @param url - The URL to check for the `autofill=1` query parameter.
|
||||
* @param url - The URL to check for the `autosubmit=1` uri hash.
|
||||
*/
|
||||
private urlContainsAutoFillParam = (url: string) => {
|
||||
private urlContainsAutoSubmitHash = (url: string) => {
|
||||
try {
|
||||
const urlObj = new URL(url);
|
||||
return urlObj.search.indexOf("autofill=1") !== -1;
|
||||
return urlObj.hash.indexOf("autosubmit=1") !== -1;
|
||||
} catch {
|
||||
return false;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user