Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug 1183257 - Remember Password prompt does not work on Twitch #871

Merged
merged 1 commit into from Sep 29, 2015
Merged

Bug 1183257 - Remember Password prompt does not work on Twitch #871

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
8 changes: 0 additions & 8 deletions Client/Assets/LoginsHelper.js
View file
Open in desktop
Expand Up @@ -319,14 +319,6 @@ var LoginManagerContent = {
return;
}

// Somewhat gross hack - we don't want to show the "remember password"
// notification on about:accounts for Firefox.
var topWin = win.top;
if (/^about:accounts($|\?)/i.test(topWin.document.documentURI)) {
log("(form submission ignored -- about:accounts)");
return;
}

var formSubmitURL = LoginUtils._getActionOrigin(form);

// Get the appropriate fields from the form.
Expand Down
16 changes: 5 additions & 11 deletions Client/Frontend/Browser/LoginsHelper.swift
View file
Open in desktop
Expand Up @@ -34,7 +34,7 @@ class LoginsHelper: BrowserHelper {
self.profile = profile

if let path = NSBundle.mainBundle().pathForResource("LoginsHelper", ofType: "js"), source = try? NSString(contentsOfFile: path, encoding: NSUTF8StringEncoding) as String {
let userScript = WKUserScript(source: source, injectionTime: WKUserScriptInjectionTime.AtDocumentEnd, forMainFrameOnly: true)
let userScript = WKUserScript(source: source, injectionTime: WKUserScriptInjectionTime.AtDocumentEnd, forMainFrameOnly: false)
browser.webView!.configuration.userContentController.addUserScript(userScript)
}
}
Expand All @@ -44,21 +44,15 @@ class LoginsHelper: BrowserHelper {
}

func userContentController(userContentController: WKUserContentController, didReceiveScriptMessage message: WKScriptMessage) {
let frameInfo = message.frameInfo

// We don't currently inject the helper into iframes.
// Don't listen for messages from iframes, either.
if !frameInfo.mainFrame {
return
}

var res = message.body as! [String: String]
let type = res["type"]

// We don't use the WKWebView's URL since the page can spoof the URL by using document.location
// right before requesting login data. See bug 1194567 for more context.
if let url = frameInfo.request.URL {
if type == "request" {
if let url = message.frameInfo.request.URL {
// Since responses go to the main frame, make sure we only listen for main frame requests
// to avoid XSS attacks.
if message.frameInfo.mainFrame && type == "request" {
res["username"] = ""
res["password"] = ""
let login = Login.fromScript(url, script: res)
Expand Down