Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix subdomain matching #3854

Conversation

@varjolintu
Copy link
Member

varjolintu commented Nov 12, 2019

Type of change

  • Bug fix (non-breaking change which fixes an issue)

Description and Context

Fix for subdomain matching with Browser Integration. The previous fix handled the matching mostly based on the domain, and entry URL's with different subdomains were returned.

The behaviour is now following:

  • https://accounts.example.com entry URL is only matched with https://accounts.example.com or any subdomain under it.
  • https://example.com entry URL is matched with any subdomain (or none) under example.com.

Also fixes matching with local files (handy for testing purposes). With those, a direct match between the page URL and entry URL is required.

Fixes #3848.

Testing strategy

Tested manually and with added automatic tests. Tests have some helpful comments added.

Checklist:

  • I have read the CONTRIBUTING document. [REQUIRED]
  • My code follows the code style of this project. [REQUIRED]
  • All new and existing tests passed. [REQUIRED]
  • I have compiled and verified my code with -DWITH_ASAN=ON. [REQUIRED]
  • I have added tests to cover my changes.
@schlimmchen

This comment has been minimized.

Copy link
Contributor

schlimmchen commented Nov 17, 2019

Tested and solves #3848 for me.

@droidmonkey droidmonkey force-pushed the varjolintu:fix/browser_subdomain_matching branch from 2a5feeb to c50e1bb Nov 18, 2019
@droidmonkey droidmonkey changed the base branch from develop to release/2.5.2 Nov 18, 2019
@droidmonkey

This comment has been minimized.

Copy link
Member

droidmonkey commented Nov 23, 2019

The tests are great but very fragile and difficult to follow. This is because they are a simple list without programmatic linkage between "valid" and "invalid" or expected to "match". This means we have to read comments and manually process them. I am merging for now, but these can be improved in the future perhaps with a QHash or structure that defines the test expectations per entry url.

@varjolintu

This comment has been minimized.

Copy link
Member Author

varjolintu commented Nov 23, 2019

@droidmonkey You are absolutely right. I'll put that to my TODO list.

@droidmonkey droidmonkey merged commit e2c95f7 into keepassxreboot:release/2.5.2 Nov 23, 2019
4 checks passed
4 checks passed
CodeFactor No issues found.
Details
MacOS (KeepassXC) TeamCity build finished
Details
Ubuntu Linux (KeepassXC) TeamCity build finished
Details
Windows 10 (KeepassXC) TeamCity build finished
Details
@varjolintu varjolintu deleted the varjolintu:fix/browser_subdomain_matching branch Nov 23, 2019
droidmonkey added a commit that referenced this pull request Jan 4, 2020
Added

- Browser: Show UI warning when entering invalid URLs [#3912]
- Browser: Option to use an entry only for HTTP auth [#3927]

Changed

- Disable the user interface when merging or saving the database [#3991]
- Ability to hide protected attribute after reveal [#3877]
- Remove mention of "snaps" in Windows and macOS [#3879]
- CLI: Merge parameter for source database key file (--key-file-from) [#3961]
- Improve GUI tests reliability on Hi-DPI displays [#4075]
- Disable deprecation warnings to allow building with Qt 5.14+ [#4075]
- OPVault: Use 'otp' attribute for TOTP field imports [#4075]

Fixed

- Fix crashes when saving a database to cloud storage [#3991]
- Fix crash when pressing enter twice while opening database [#3885]
- Fix handling of HTML when displayed in the entry preview panel [#3910]
- Fix start minimized to tray on Linux [#3899]
- Fix Auto Open with key file only databases [#4075]
- Fix escape key closing the standalone password generator [#3892]
- macOS: Fix monospace font usage in password field and notes [#4075]
- macOS: Fix building on macOS 10.9 to 10.11 [#3946]
- Fix TOTP setup dialog not closing on database lock [#4075]
- Browser: Fix condition where additional URLs are ignored [#4033]
- Browser: Fix subdomain matching to return only relevant site entries [#3854]
- Secret Service: Fix multiple crashes and incompatibilities [#3871, #4009, #4074]
- Secret Service: Fix searching of entries [#4008, #4036]
- Secret Service: Fix behavior when exposed group is recycled [#3914]
- CLI: Release the database instance before exiting interactive mode [#3889]
- Fix (most) memory leaks in tests [#3922]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
3 participants
You can’t perform that action at this time.