1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-12-21 16:18:28 +01:00

[PM-13188] Update auto-submit to act on uri hash instead of query param (#11416)

This commit is contained in:
Cesar Gonzalez 2024-10-08 05:40:11 -05:00 committed by GitHub
parent dc91a3eed7
commit b6ea6075b3
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 11 additions and 11 deletions

View File

@ -42,7 +42,7 @@ describe("AutoSubmitLoginBackground", () => {
const validIpdUrl1 = "https://example.com";
const validIpdUrl2 = "https://subdomain.example3.com";
const validAutoSubmitHost = "some-valid-url.com";
const validAutoSubmitUrl = `https://${validAutoSubmitHost}/?autofill=1`;
const validAutoSubmitUrl = `https://${validAutoSubmitHost}/#autosubmit=1`;
beforeEach(() => {
logService = mock<LogService>();
@ -122,7 +122,7 @@ describe("AutoSubmitLoginBackground", () => {
await autoSubmitLoginBackground.init();
});
it("sets up the auto-submit workflow when the web request occurs in the main frame and the destination URL contains a valid auto-fill param", () => {
it("sets up the auto-submit workflow when the web request occurs in the main frame and the destination URL contains a valid auto-fill hash", () => {
triggerWebRequestOnBeforeRequestEvent(webRequestDetails);
expect(autoSubmitLoginBackground["currentAutoSubmitHostData"]).toStrictEqual({
@ -226,7 +226,7 @@ describe("AutoSubmitLoginBackground", () => {
it("disables the auto-submit workflow if a web request is initiated after the auto-submit route has been visited", () => {
webRequestDetails.url = `https://${validAutoSubmitHost}`;
webRequestDetails.initiator = `https://${validAutoSubmitHost}?autofill=1`;
webRequestDetails.initiator = `https://${validAutoSubmitHost}#autosubmit=1`;
triggerWebRequestOnBeforeRequestEvent(webRequestDetails);

View File

@ -234,7 +234,7 @@ export class AutoSubmitLoginBackground implements AutoSubmitLoginBackgroundAbstr
) => {
if (
details.tabId === this.currentAutoSubmitHostData.tabId &&
this.urlContainsAutoFillParam(details.url)
this.urlContainsAutoSubmitHash(details.url)
) {
this.injectAutoSubmitLoginScript(details.tabId).catch((error) =>
this.logService.error(error),
@ -277,7 +277,7 @@ export class AutoSubmitLoginBackground implements AutoSubmitLoginBackgroundAbstr
private handleWebRequestOnBeforeRedirect = (
details: chrome.webRequest.WebRedirectionResponseDetails,
) => {
if (this.isRequestInMainFrame(details) && this.urlContainsAutoFillParam(details.redirectUrl)) {
if (this.isRequestInMainFrame(details) && this.urlContainsAutoSubmitHash(details.redirectUrl)) {
this.validAutoSubmitHosts.add(this.getUrlHost(details.redirectUrl));
this.validAutoSubmitHosts.add(this.getUrlHost(details.url));
}
@ -369,7 +369,7 @@ export class AutoSubmitLoginBackground implements AutoSubmitLoginBackgroundAbstr
/**
* Determines if the provided URL is a valid auto-submit host. If the request is occurring
* in the main frame, we will check for the presence of the `autofill=1` query parameter.
* in the main frame, we will check for the presence of the `autosubmit=1` uri hash.
* If the request is occurring in a sub frame, the main frame URL should be set as a
* valid auto-submit host and can be used to validate the request.
*
@ -382,7 +382,7 @@ export class AutoSubmitLoginBackground implements AutoSubmitLoginBackgroundAbstr
) => {
if (this.isRequestInMainFrame(details)) {
return !!(
this.urlContainsAutoFillParam(details.url) ||
this.urlContainsAutoSubmitHash(details.url) ||
this.triggerAutoSubmitAfterRedirectOnSafari(details.url)
);
}
@ -391,14 +391,14 @@ export class AutoSubmitLoginBackground implements AutoSubmitLoginBackgroundAbstr
};
/**
* Determines if the provided URL contains the `autofill=1` query parameter.
* Determines if the provided URL contains the `autosubmit=1` uri hash.
*
* @param url - The URL to check for the `autofill=1` query parameter.
* @param url - The URL to check for the `autosubmit=1` uri hash.
*/
private urlContainsAutoFillParam = (url: string) => {
private urlContainsAutoSubmitHash = (url: string) => {
try {
const urlObj = new URL(url);
return urlObj.search.indexOf("autofill=1") !== -1;
return urlObj.hash.indexOf("autosubmit=1") !== -1;
} catch {
return false;
}