Bug 1322673 - Dedupe logins to update upon password change. r=johannh
authorMatthew Noorenberghe <mozilla@noorenberghe.ca>
Tue, 08 Jan 2019 20:53:29 +0000
changeset 510062 1898dd0aeab9facb23b0ec8fd4f7a4aa5b994fa3
parent 510061 e62e0dfddefe6a582c72c52071742bbc9f3865b0
child 510063 8268418fa2528e228a503e74a1a2f71272f257a3
push id10547
push userffxbld-merge
push dateMon, 21 Jan 2019 13:03:58 +0000
treeherdermozilla-beta@24ec1916bffe [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjohannh
bugs1322673
milestone66.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1322673 - Dedupe logins to update upon password change. r=johannh If we have both http: and https: then we need to dedupe them to decide which one to update. This uses the same logic as for HTTP auth https://searchfox.org/mozilla-central/rev/76fe4bb385348d3f45bbebcf69ba8c7283dfcec7/toolkit/components/passwordmgr/nsLoginManagerPrompter.js#554-558 Differential Revision: https://phabricator.services.mozilla.com/D15884
toolkit/components/passwordmgr/nsILoginInfo.idl
toolkit/components/passwordmgr/nsLoginManagerPrompter.js
--- a/toolkit/components/passwordmgr/nsILoginInfo.idl
+++ b/toolkit/components/passwordmgr/nsILoginInfo.idl
@@ -8,28 +8,28 @@
 [scriptable, uuid(c41b7dff-6b9b-42fe-b78d-113051facb05)]
 
 /**
  * An object containing information for a login stored by the
  * password manager.
  */
 interface nsILoginInfo : nsISupports {
   /**
-   * The hostname the login applies to.
+   * The origin the login applies to, incorrectly called a hostname.
    *
-   * The hostname should be formatted as an URL. For example,
+   * For example,
    * "https://site.com", "http://site.com:1234", "ftp://ftp.site.com".
    */
   attribute AString hostname;
 
   /**
-   * The URL a form-based login was submitted to.
+   * The origin a form-based login was submitted to.
    *
-   * For logins obtained from HTML forms, this field is the |action|
-   * attribute from the |form| element, with the path removed. For
+   * For logins obtained from HTML forms, this field is the origin of the |action|
+   * attribute from the |form| element. For
    * example "http://www.site.com". [Forms with no |action| attribute
    * default to submitting to their origin URL, so we store that.]
    *
    * For logins obtained from a HTTP or FTP protocol authentication,
    * this field is NULL.
    */
   attribute AString formSubmitURL;
 
@@ -50,29 +50,33 @@ interface nsILoginInfo : nsISupports {
    */
   attribute AString username;
 
   /**
    * The |name| attribute for the username input field.
    *
    * For logins obtained from a HTTP or FTP protocol authentication,
    * this field is an empty string.
+   *
+   * @note This attribute is currently saved but not used.
    */
   attribute AString usernameField;
 
   /**
    * The password for the login.
    */
   attribute AString password;
 
   /**
    * The |name| attribute for the password input field.
    *
    * For logins obtained from a HTTP or FTP protocol authentication,
    * this field is an empty string.
+   *
+   * @note This attribute is currently saved but not used.
    */
   attribute AString passwordField;
 
   /**
    * Initialize a newly created nsLoginInfo object.
    *
    * The arguments are the fields for the new object.
    */
--- a/toolkit/components/passwordmgr/nsLoginManagerPrompter.js
+++ b/toolkit/components/passwordmgr/nsLoginManagerPrompter.js
@@ -916,16 +916,21 @@ LoginManagerPrompter.prototype = {
       let foundLogins = LoginHelper.searchLoginsWithObject({
         formSubmitURL: login.formSubmitURL,
         hostname: login.hostname,
         httpRealm: login.httpRealm,
         schemeUpgrades: LoginHelper.schemeUpgrades,
       });
 
       let logins = this._filterUpdatableLogins(login, foundLogins);
+      let resolveBy = [
+        "scheme",
+        "timePasswordChanged",
+      ];
+      logins = LoginHelper.dedupeLogins(logins, ["username"], resolveBy, login.hostname);
 
       if (logins.length == 0) {
         // The original login we have been provided with might have its own
         // metadata, but we don't want it propagated to the newly created one.
         Services.logins.addLogin(new LoginInfo(login.hostname,
                                                login.formSubmitURL,
                                                login.httpRealm,
                                                login.username,