[epiphany/gnome-3-18] Fix impedance mismatch between web extension and form auth data cache
- From: Michael Catanzaro <mcatanzaro src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [epiphany/gnome-3-18] Fix impedance mismatch between web extension and form auth data cache
- Date: Thu, 2 Feb 2017 04:28:27 +0000 (UTC)
commit f67485276d134bad40da1a428468433fed7c1844
Author: Michael Catanzaro <mcatanzaro gnome org>
Date: Wed Feb 1 21:43:01 2017 -0600
Fix impedance mismatch between web extension and form auth data cache
Using just host is not sufficient, we need to have protocol and port as
well for matching based on security origin to work properly.
Unfortunately the existing code here was full of subtle errors: the
parameters named "uri" were actually passed hostnames from the web
extension, and not URIs at all. The code only worked as long as that
assumption held, but I broke it because I expected the URI parameters to
actually contain URIs. So fix this. Really pass URIs and not hostnames,
and properly convert them to security origins.
Thanks to Hussam for reporting this bug so quickly after it was
introduced. (As well as lots of other bugs in the past that I've rarely
credited him for in commit messages.)
https://bugzilla.gnome.org/show_bug.cgi?id=752738
embed/web-extension/ephy-web-extension.c | 24 +++++++++-------------
lib/ephy-form-auth-data.c | 31 ++++++++++++++++-------------
2 files changed, 27 insertions(+), 28 deletions(-)
---
diff --git a/embed/web-extension/ephy-web-extension.c b/embed/web-extension/ephy-web-extension.c
index 0bab41e..8a65543 100644
--- a/embed/web-extension/ephy-web-extension.c
+++ b/embed/web-extension/ephy-web-extension.c
@@ -212,15 +212,15 @@ store_password (EphyEmbedFormAuth *form_auth)
username_field_value,
password_field_value,
NULL, NULL);
- g_free (uri_str);
/* Update internal caching */
ephy_form_auth_data_cache_add (extension->priv->form_auth_data_cache,
- uri->host,
+ uri_str,
username_field_name,
password_field_name,
username_field_value);
+ g_free (uri_str);
g_free (username_field_name);
g_free (username_field_value);
g_free (password_field_name);
@@ -420,14 +420,15 @@ pre_fill_form (EphyEmbedFormAuth *form_auth)
return;
extension = ephy_web_extension_get ();
- form_auth_data_list = ephy_form_auth_data_cache_get_list (extension->priv->form_auth_data_cache,
uri->host);
+ uri_str = soup_uri_to_string (uri, FALSE);
+ form_auth_data_list = ephy_form_auth_data_cache_get_list (extension->priv->form_auth_data_cache, uri_str);
l = g_slist_find_custom (form_auth_data_list, form_auth, (GCompareFunc)ephy_form_auth_data_compare);
- if (!l)
+ if (!l) {
+ g_free (uri_str);
return;
+ }
form_data = (EphyFormAuthData *)l->data;
- uri_str = soup_uri_to_string (uri, FALSE);
-
username_node = ephy_embed_form_auth_get_username_node (form_auth);
if (username_node)
g_object_get (username_node, "value", &username, NULL);
@@ -938,8 +939,7 @@ web_page_document_loaded (WebKitWebPage *web_page,
if (ephy_web_dom_utils_find_form_auth_elements (form, &username_node, &password_node)) {
EphyEmbedFormAuth *form_auth;
GSList *auth_data_list;
- const char *uri_string;
- SoupURI *uri;
+ const char *uri;
LOG ("Hooking and pre-filling a form");
@@ -955,12 +955,8 @@ web_page_document_loaded (WebKitWebPage *web_page,
}
/* Plug in the user autocomplete */
- uri_string = webkit_web_page_get_uri (web_page);
- uri = soup_uri_new (uri_string);
-
- auth_data_list = ephy_form_auth_data_cache_get_list (extension->priv->form_auth_data_cache, uri->host);
-
- soup_uri_free (uri);
+ uri = webkit_web_page_get_uri (web_page);
+ auth_data_list = ephy_form_auth_data_cache_get_list (extension->priv->form_auth_data_cache, uri);
if (auth_data_list && auth_data_list->next && username_node) {
LOG ("More than 1 password saved, hooking menu for choosing which on focus");
diff --git a/lib/ephy-form-auth-data.c b/lib/ephy-form-auth-data.c
index 51a1cb8..99be228 100644
--- a/lib/ephy-form-auth-data.c
+++ b/lib/ephy-form-auth-data.c
@@ -314,18 +314,13 @@ screcet_service_search_finished (SecretService *service,
for (p = results; p; p = p->next) {
SecretItem *item = (SecretItem *)p->data;
GHashTable *attributes;
- char *origin;
attributes = secret_item_get_attributes (item);
- origin = ephy_uri_to_security_origin (g_hash_table_lookup (attributes, URI_KEY));
- if (origin != NULL) {
- ephy_form_auth_data_cache_add (cache, origin,
- g_hash_table_lookup (attributes, FORM_USERNAME_KEY),
- g_hash_table_lookup (attributes, FORM_PASSWORD_KEY),
- g_hash_table_lookup (attributes, USERNAME_KEY));
-
- g_free (origin);
- }
+ ephy_form_auth_data_cache_add (cache,
+ g_hash_table_lookup (attributes, URI_KEY),
+ g_hash_table_lookup (attributes, FORM_USERNAME_KEY),
+ g_hash_table_lookup (attributes, FORM_PASSWORD_KEY),
+ g_hash_table_lookup (attributes, USERNAME_KEY));
g_hash_table_unref (attributes);
}
@@ -396,24 +391,32 @@ ephy_form_auth_data_cache_add (EphyFormAuthDataCache *cache,
{
EphyFormAuthData *data;
GSList *l;
+ char *origin;
g_return_if_fail (cache);
g_return_if_fail (uri);
g_return_if_fail (form_password);
data = ephy_form_auth_data_new (form_username, form_password, username);
- l = g_hash_table_lookup (cache->form_auth_data_map, uri);
+ origin = ephy_uri_to_security_origin (uri);
+ l = g_hash_table_lookup (cache->form_auth_data_map, origin);
l = g_slist_append (l, data);
- g_hash_table_replace (cache->form_auth_data_map,
- g_strdup (uri), l);
+ g_hash_table_replace (cache->form_auth_data_map, origin, l);
}
GSList *
ephy_form_auth_data_cache_get_list (EphyFormAuthDataCache *cache,
const char *uri)
{
+ char *origin;
+ GSList *list;
+
g_return_val_if_fail (cache, NULL);
g_return_val_if_fail (uri, NULL);
- return g_hash_table_lookup (cache->form_auth_data_map, uri);
+ origin = ephy_uri_to_security_origin (uri);
+ list = g_hash_table_lookup (cache->form_auth_data_map, origin);
+ g_free (origin);
+
+ return list;
}
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
