wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity

Bug 380222 - Rewrite fillDocument() after new pwmgr lands. Patch by Justin Dolske <dolske@mozilla.com>. r=mconnor

Browse Source
This commit is contained in:
sdwilsh@shawnwilsher.com 2007-06-25 14:20:55 -07:00
parent 7e13e23e17
commit 3c25407a4b
16 changed files with 19012 additions and 1052 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

472
toolkit/components/passwordmgr/src/nsLoginManager.js
View File

@ -597,6 +597,12 @@ LoginManager.prototype = {
/*
* _getPasswordFields
*
* Returns an array of password field elements for the specified form.
* If no pw fields are found, or if more than 3 are found, then null
* is returned.
*
* skipEmptyFields can be set to ignore password fields with no value.
*/
_getPasswordFields : function (form, skipEmptyFields) {
// Locate the password fields in the form.
@ -622,6 +628,98 @@ LoginManager.prototype = {
},
/*
* _getFormFields
*
* Returns the username and password fields found in the form.
* Can handle complex forms by trying to figure out what the
* relevant fields are.
*
* Returns: [usernameField, newPasswordField, oldPasswordField]
*
* usernameField may be null.
* newPasswordField will always be non-null.
* oldPasswordField may be null. If null, newPasswordField is just
* "theLoginField". If not null, the form is apparently a
* change-password field, with oldPasswordField containing the password
* that is being changed.
*/
_getFormFields : function (form, isSubmission) {
// Locate the password field(s) in the form. Up to 3 supported.
// If there's no password field, there's nothing for us to do.
var pwFields = this._getPasswordFields(form, isSubmission);
if (!pwFields) {
this.log("(form ignored -- either 0 or >3 pw fields.)");
return [null, null, null];
}
// Locate the username field in the form by serarching backwards
// from the first passwordfield, assume the first text field is the
// username. We might not find a username field if the user is
// already logged in to the site.
for (var i = pwFields[0].index - 1; i >= 0; i--) {
if (form.elements[i].type == "text") {
var usernameField = form.elements[i];
break;
}
}
if (!usernameField)
this.log("(form -- no username field found)");
// If we're not submitting a form (it's a page load), there are no
// password field values for us to use for identifying fields. So,
// just assume the first password field is the one to be filled in.
if (!isSubmission || pwFields.length == 1)
return [usernameField, pwFields[0].element, null];
// Try to figure out WTF is in the form based on the password values.
var oldPasswordField, newPasswordField;
var pw1 = pwFields[0].element.value;
var pw2 = pwFields[1].element.value;
var pw3 = (pwFields[2] ? pwFields[2].element.value : null);
if (pwFields.length == 3) {
// Look for two identical passwords, that's the new password
if (pw1 == pw2 && pw2 == pw3) {
// All 3 passwords the same? Weird! Treat as if 1 pw field.
newPasswordField = pwFields[0].element;
oldPasswordField = null;
} else if (pw1 == pw2) {
newPasswordField = pwFields[0].element;
oldPasswordField = pwFields[2].element;
} else if (pw2 == pw3) {
oldPasswordField = pwFields[0].element;
newPasswordField = pwFields[2].element;
} else if (pw1 == pw3) {
// A bit odd, but could make sense with the right page layout.
newPasswordField = pwFields[0].element;
oldPasswordField = pwFields[1].element;
} else {
// We can't tell which of the 3 passwords should be saved.
this.log("(form ignored -- all 3 pw fields differ)");
return [null, null, null];
}
} else { // pwFields.length == 2
if (pw1 == pw2) {
// Treat as if 1 pw field
newPasswordField = pwFields[0].element;
oldPasswordField = null;
} else {
// Just assume that the 2nd password is the new password
oldPasswordField = pwFields[0].element;
newPasswordField = pwFields[1].element;
}
}
return [usernameField, newPasswordField, oldPasswordField];
},
/*
* _onFormSubmit
*
@ -644,22 +742,9 @@ LoginManager.prototype = {
};
// local helper function
function getUsernameField (passwordFieldIndex) {
var usernameField = null;
function findExistingLogin(pwmgr, hostname,
formSubmitURL, usernameField) {
// Search backwards to first text field (assume it's the username)
for (var i = passwordFieldIndex - 1; i >= 0; i--) {
if (form.elements[i].type == "text") {
usernameField = form.elements[i];
break;
}
}
return usernameField;
};
// local helper function
function findExistingLogin(pwmgr) {
var searchLogin = new pwmgr._nsLoginInfo();
searchLogin.init(hostname, formSubmitURL, null,
usernameField.value, "",
@ -697,75 +782,27 @@ LoginManager.prototype = {
return;
}
// Locate the password field(s) in the form. Up to 3 supported.
var pwFields = this._getPasswordFields(form, true);
if (!pwFields) {
this.log("(form submission ignored -- found " + pwFields.length +
" fields, can only handle 1-3.)");
return;
}
// Locate the username field in the form. We might not find a
// username field if the user is already logged in to the site.
var usernameField = getUsernameField(pwFields[0].index);
if (!usernameField) {
this.log("(form submission -- no username field found)");
}
// Get the appropriate fields from the form.
var [usernameField, newPasswordField, oldPasswordField] =
this._getFormFields(form, true);
// Need at least 1 valid password field to do anything.
if (newPasswordField == null)
return;
// Check for autocomplete=off attribute. We don't use it to prevent
// autofilling (for existing logins), but won't save logins when it's
// present.
if (autocompleteDisabled(form) ||
autocompleteDisabled(usernameField) ||
autocompleteDisabled(pwFields[0].element) ||
(pwFields[1] && autocompleteDisabled(pwFields[1].element)) ||
(pwFields[2] && autocompleteDisabled(pwFields[2].element))) {
autocompleteDisabled(newPasswordField) ||
autocompleteDisabled(oldPasswordField)) {
this.log("(form submission ignored -- autocomplete=off found)");
return;
}
// Try to figure out WTF is in the form based on the password values
var pw1 = pwFields[0].element.value;
var pw2 = (pwFields[1] ? pwFields[1].element.value : null);
var pw3 = (pwFields[2] ? pwFields[2].element.value : null);
// By default, assume a 1-password case
var oldPasswordField = null, newPasswordField = pwFields[0].element;
if (pwFields.length == 3) {
// Look for two identical passwords, that's the new password
if (pw1 == pw2 && pw2 == pw3) {
// All 3 passwords the same? Weird! Treat as if 1 pw field.
pwFields.length = 1;
} else if (pw1 == pw2) {
newPasswordField = pwFields[0].element;
oldPasswordField = pwFields[2].element;
} else if (pw2 == pw3) {
oldPasswordField = pwFields[0].element;
newPasswordField = pwFields[2].element;
} else if (pw1 == pw3) {
// A bit odd, but could make sense with the right page layout.
newPasswordField = pwFields[0].element;
oldPasswordField = pwFields[1].element;
} else {
// We can't tell which of the 3 passwords should be saved.
this.log("(form submission ignored -- all 3 pw fields differ)");
return;
}
} else if (pwFields.length == 2) {
if (pw1 == pw2) {
// Treat as if 1 pw field
pwFields.length = 1;
} else {
// Just assume that the 2nd password is the new password
oldPasswordField = pwFields[0].element;
newPasswordField = pwFields[1].element;
}
}
var formLogin = new this._nsLoginInfo();
formLogin.init(hostname, formSubmitURL, null,
(usernameField ? usernameField.value : null),
@ -773,19 +810,13 @@ LoginManager.prototype = {
(usernameField ? usernameField.name : null),
newPasswordField.name);
// If we didn't find a username field, allow the user to select
// from a list of applicable logins to update.
if (!usernameField) {
// Without an oldPasswordField, we can't know for sure if
// the user is creating an account or changing a password.
if (!oldPasswordField) {
this.log("(form submission ignored -- couldn't find a " +
"username, and no oldPasswordField found.");
return;
}
// If we didn't find a username field, but seem to be changing a
// password, allow the user to select from a list of applicable
// logins to update the password for.
if (!usernameField && oldPasswordField) {
var ok, username;
var logins = pwmgr.findLogins({}, hostname, formSubmitURL, null);
var logins = this.findLogins({}, hostname, formSubmitURL, null);
// XXX we could be smarter here: look for a login matching the
// old password value. If there's only one, update it. If there's
@ -793,18 +824,21 @@ LoginManager.prototype = {
// login for the pwchange is in pwmgr, but with an outdated
// password. and the user has another login, with the same
// password as the form login's old password.) ugh.
// XXX if you're changing a password, and there's no username
// in the form, then you can't add the login. Will need to change
// prompting to allow this.
if (logins.length == 0) {
this.log("(no logins for this host -- pwchange ignored)");
return;
} else if (logins.length == 1) {
username = logins[0].username;
ok = _promptToChangePassword(win, username)
ok = this._promptToChangePassword(win, username)
} else {
var usernames = [];
logins.forEach(function(l) { usernames.push(l.username); });
[ok, username] = _promptToChangePasswordWithUsername(
[ok, username] = this._promptToChangePasswordWithUsernames(
win, usernames);
}
@ -829,15 +863,23 @@ LoginManager.prototype = {
return;
}
if (!usernameField && !oldPasswordField) {
this.log("XXX not handled yet");
return;
}
// Look for an existing login that matches the form data (other
// than the password, which might be different)
existingLogin = findExistingLogin(this);
// We have a username. Look for an existing login that matches the
// form data (other than the password, which might be different)
existingLogin = findExistingLogin(this, hostname, formSubmitURL,
usernameField);
if (existingLogin) {
this.log("Found an existing login matching this form submission");
// Change password if needed
this.log("Updating password for existing login.");
if (existingLogin.password != newPasswordField.value)
if (existingLogin.password != formLogin.password) {
this.log("...Updating password for existing login.");
this.modifyLogin(existingLogin, formLogin);
}
return;
}
@ -895,212 +937,95 @@ LoginManager.prototype = {
/*
* _fillDocument
*
* Called when a page has loaded. Checks the document for forms,
* and for each form checks to see if it can be filled out with a
* stored login.
* Called when a page has loaded. For each form in the document,
* we check to see if it can be filled with a stored login.
*/
_fillDocument : function (doc) {
function getElementByName (elements, name) {
for (var i = 0; i < elements.length; i++) {
var element = elements[i];
if (element.name && element.name == name)
return element;
}
return null;
};
/*
* Bug 380222...
*
* CRIKEY! The original C++ code eeds a cleanup. This function is
* just a straight conversion to JS, with some changes for interacting
* with other parts of pwmgr that have been updated.
*/
_fillDocument : function (doc) {
var forms = doc.forms;
if (!forms || forms.length == 0)
return;
var formOrigin = this._getPasswordOrigin(doc.documentURI);
var prefillForm = this._prefBranch.getBoolPref("autofillForms");
var autofillForm = this._prefBranch.getBoolPref("autofillForms");
this.log("fillDocument found " + forms.length +
" forms on " + doc.documentURI);
// We can auto-prefill the username and password if there is only
// one stored login that matches the username and password field names
// on the form in question. Note that we only need to worry about a
// single login per form.
var previousActionOrigin = null;
for (var i = 0; i < forms.length; i++) {
var form = forms[i];
var firstMatch = null;
var attachedToInput = false;
var prefilledUser = false;
var userField, passField;
// Note: C++ code only had |temp| and reused it.
var tempUserField = null, tempPassField = null;
var actionOrigin = this._getActionOrigin(form);
var logins = this.findLogins({}, formOrigin, actionOrigin, null);
// Heuristically determine what the user/pass fields are
// We do this before checking to see if logins are stored,
// so that the user isn't prompted for a master password
// without need.
var [usernameField, passwordField, ignored] =
this._getFormFields(form, false);
this.log("form[" + i + "]: found " + logins.length +
" matching logins.");
// Need a valid password field to do anything.
if (passwordField == null)
continue;
for (var j = 0; j < logins.length; j++) {
var login = logins[j];
if (login.usernameField != "") {
var foundNode = getElementByName(form.elements,
login.usernameField);
var tempUserField = foundNode;
}
// Only the actionOrigin might be changing, so if it's the same
// as the last form on the page we can reuse the same logins.
if (actionOrigin != previousActionOrigin) {
var logins =
this.findLogins({}, formOrigin, actionOrigin, null);
var oldUserValue;
var userFieldFound = false;
this.log("form[" + i + "]: got " + logins.length + " logins.");
if (tempUserField) {
if (tempUserField.type != "text")
continue;
oldUserValue = tempUserField.value;
userField = tempUserField;
userFieldFound = true;
} else if (login.passwordField == "") {
// Happens sometimes when we import passwords from IE since
// their form name match is case insensitive. In this case,
// we'll just have to do a case insensitive search for the
// userField and hope we get something.
// loop over each form element
for (var k = 0; i < form.elements.length; k++) {
// |inputField| is |formControl| in C++
var inputField = form.elements[k];
if (inputField.type != "text")
continue;
if (login.usernameField.toLowerCase() ==
inputField.name.toLowerCase())
{
oldUserValue = inputField.value;
userField = inputField;
foundNode = inputField;
login.usernameField = inputField.name;
//TODO write modified login to disk
userFieldFound = true;
break;
}
}
}
// Bail out if we should be seeing a userField but we're not
this.log(".... found userField? " + userFieldFound);
if (!userFieldFound && login.usernameField != "")
continue;
if (login.passwordField != "") {
foundNode = getElementByName(form.elements,
login.passwordField);
if (foundNode && foundNode.type != "password")
foundNode = null;
tempPassField = foundNode;
} else if (userField) {
// No password field name was supplied,
// try to locate one in the form, but only if we have
// a username field.
for (var index = 0; index < form.elements.length; index++) {
if (form.elements[index].isSameNode(foundNode))
break;
}
if (index >= 0) {
// Search forwards
for (var l = index + 1; l < form.elements.length; l++) {
var e = form.elements[l];
if (e.type == "password")
foundNode = tempPassField = e;
}
}
if (!tempPassField && index != 0) {
// Search backwards
for (l = index - 1; l >= 0; l--) {
var e = form.elements[l];
if (e.type == "password")
foundNode = tempPassField = e;
}
}
}
this.log(".... found passField? " +
(tempPassField ? true : false));
if (!tempPassField)
continue;
oldPassValue = tempPassField.value;
passField = tempPassField;
if (login.passwordField == "")
login.passwordField = passField.name;
if (oldUserValue != "" && prefillForm) {
// The page has prefilled a username.
// If it matches any of our saved usernames, prefill
// the password for that username. If there are
// multiple saved usernames, we will also attach the
// autocomplete listener.
prefilledUser = true;
if (login.username == oldUserValue)
passField.value = login.password;
}
if (firstMatch && userField && !attachedToInput) {
// We found more than one possible signon for this form...
// Listen for blur and autocomplete events on the username
// field so we can attempt to prefill the password after
// the user has entered/selected the username.
this.log(".... found multiple matching logins, " +
"attaching autocomplete stuff");
this._attachToInput(userField);
attachedToInput = true;
} else {
firstMatch = login;
}
previousActionOrigin = actionOrigin;
} else {
this.log("form[" + i + "]: using logins from last form.");
}
// If we found more than one match, attachedToInput will be true.
// But if we found just one, we need to attach the autocomplete
// listener, and fill in the username and password (if the HTML
// didn't prefill the username.
if (firstMatch && !attachedToInput) {
if (userField)
this._attachToInput(userField);
// Nothing to do if we have no matching logins available.
if (logins.length == 0)
continue;
if (!prefilledUser && prefillForm) {
if (userField)
userField.value = firstMatch.username;
passField.value = firstMatch.password;
// Attach autocomplete stuff to the username field, if we have
// one. This is normally used to select from multiple accounts,
// but even with one account we should refill if the user edits.
// XXX should be able to pass in |logins| to init attachment
if (usernameField)
this._attachToInput(usernameField);
if (autofillForm) {
// If username was specified in the form, only fill in the
// password if we find a matching login.
if (usernameField && usernameField.value) {
var username = usernameField.value;
var foundLogin;
var found = logins.some(function(l) {
foundLogin = l;
return (l.username == username);
});
if (found)
passwordField.value = foundLogin.password;
} else if (logins.length == 1) {
if (usernameField)
usernameField.value = logins[0].username;
passwordField.value = logins[0].password;
}
}
// We're done with this form, loop to the next one...
}
} // foreach form
},
/*
* _attachToInput
*
* Hooks up autocomplete support to a username field, to allow
* a user editing the field to select an existing login and have
* the password field filled in.
*/
_attachToInput : function (element) {
this.log("attaching autocomplete stuff");
@ -1230,8 +1155,8 @@ LoginManager.prototype = {
* fields.
*
* Return values:
* 0 - Update the stored password
* 1 - Do not update the stored password
* true - Update the stored password
* false - Do not update the stored password
*/
_promptToChangePassword : function (aWindow, username) {
const buttonFlags = Ci.nsIPrompt.STD_YES_NO_BUTTONS;
@ -1241,11 +1166,12 @@ LoginManager.prototype = {
var dialogTitle = this._getLocalizedString(
"passwordChangeTitle");
// returns 0 for yes, 1 for no.
var result = this._promptService.confirmEx(aWindow,
dialogTitle, dialogText, buttonFlags,
null, null, null,
null, {});
return result;
return !result;
},
@ -1258,10 +1184,10 @@ LoginManager.prototype = {
*
* Returns multiple paramaters:
* [0] - User's respone to the dialog
* 0 = Update the stored password
* 1 = Do not update the stored password
* true = Update the stored password
* false = Do not update the stored password
* [1] - The username selected
* (null if [0] is 1)
* (null if [0] is false)
*
*/
_promptToChangePasswordWithUsernames : function (aWindow, usernames) {
@ -1269,16 +1195,18 @@ LoginManager.prototype = {
var dialogText = this._getLocalizedString("userSelectText");
var dialogTitle = this._getLocalizedString("passwordChangeTitle");
var selectedUser = { value: null };
var selectedUser = null, selectedIndex = { value: null };
// If user selects ok, outparam.value is set to the index
// of the selected username.
var result = this._promptService.select(aWindow,
var ok = this._promptService.select(aWindow,
dialogTitle, dialogText,
usernames.length, usernames,
selectedUser);
selectedIndex);
if (ok)
selectedUser = usernames[selectedIndex.value];
return [result, selectedUser.value];
return [ok, selectedUser];
},

1
toolkit/components/passwordmgr/test/Makefile.in
View File

@ -58,7 +58,6 @@ MOCHI_TESTS = \
test_basic_form_3pw_1.html \
test_bug_227640.html \
test_bug_242956.html \
test_bug_270558.html \
test_bug_360493_1.html \
test_bug_360493_2.html \
$(NULL)

30
toolkit/components/passwordmgr/test/pwmgr_common.js
View File

@ -3,13 +3,29 @@
*
* Returns the element with the specified |name| attribute.
*/
function $_(name) {
var elements = document.getElementsByName(name);
if (!elements || elements.length < 1) { return null; }
if (elements.length > 2) {
logWarning("found multiple elements with name="+name);
function $_(formNum, name) {
var form = document.getElementById("form" + formNum);
if (!form) {
logWarning("$_ couldn't find requested form " + formNum);
return null;
}
return elements[0];
var element = form.elements.namedItem(name);
if (!element) {
logWarning("$_ couldn't find requested element " + name);
return null;
}
// Note that namedItem is a bit stupid, and will prefer an
// |id| attribute over a |name| attribute when looking for
// the element. Login Mananger happens to use .namedItem
// anyway, but let's rigorously check it here anyway so
// that we don't end up with tests that mistakenly pass.
if (element.getAttribute("name") != name) {
logWarning("$_ got confused.");
return null;
}
return element;
}

26
toolkit/components/passwordmgr/test/test_0init.html
View File

@ -49,32 +49,18 @@ var nsLoginInfo = new Components.Constructor("@mozilla.org/login-manager/loginIn
ok(nsLoginInfo != null, "nsLoginInfo constructor");
// Add some logins for testing.
function initLogin(login, username, ufieldName, password, pfieldName, hostname, formSubmitURL) {
login.username = username;
login.usernameField = ufieldName;
login.password = password;
login.passwordField = pfieldName;
login.hostname = hostname;
login.formSubmitURL = formSubmitURL
login.httpRealm = null;
}
login = new nsLoginInfo();
ok(login != null, "Adding login");
for (var u = 1; u <= 10; u++) {
// TODO: don't really need |new| here, could even detect possible breakage with refs to user objs
login = new nsLoginInfo();
ok(login != null, "Adding login #" + u);
login.init("http://localhost:8888", "http://localhost:8888", null,
"testuser", "testpass", "uname", "pword");
initLogin(login, "testuser"+u, "uname"+u, "testpass"+u, "pword"+u,
"http://localhost:8888", "http://localhost:8888");
pwmgr.addLogin(login);
}
pwmgr.addLogin(login);
// Simple check to see if everything was added fine.
var logins = pwmgr.getAllLogins({});
ok(logins != null, "getAllLogins()");
is(logins.length, 10, "check expected final number of logins");
is(logins.length, 1, "check expected final number of logins");
</script>
</pre>

38
toolkit/components/passwordmgr/test/test_basic_form.html
View File

@ -12,28 +12,11 @@ Login Manager test: simple form fill
<p id="display"></p>
<div id="content" style="display: none">
<form action="formtest.js" method="get">
<form id="form1" action="formtest.js">
<p>This is form 1.</p>
<input type="text" name="uname1" value="">
<input type="password" name="pword1" value="">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<form action="formtest.js" method="get">
<p>This is form 2.</p>
<input type="text" name="uname2" value="">
<input type="password" name="pword2" value="">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<form action="formtest.js" method="get">
<p>This is form 3.</p>
<input type="text" name="uname3" value="">
<input type="password" name="pword3" value="">
<input type="text" name="uname">
<input type="password" name="pword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
@ -49,17 +32,8 @@ Login Manager test: simple form fill
// Make sure that all forms in a document are processed.
function startTest() {
// Check form 1
is($_("uname1").value, "testuser1", "Checking for filled username1");
is($_("pword1").value, "testpass1", "Checking for filled password1");
// Check form 2
is($_("uname2").value, "testuser2", "Checking for filled username2");
is($_("pword2").value, "testpass2", "Checking for filled password2");
// Check form 3
is($_("uname3").value, "testuser3", "Checking for filled username3");
is($_("pword3").value, "testpass3", "Checking for filled password3");
is($_(1, "uname").value, "testuser", "Checking for filled username");
is($_(1, "pword").value, "testpass", "Checking for filled password");
SimpleTest.finish();
}

31
toolkit/components/passwordmgr/test/test_basic_form_0pw.html
View File

@ -14,21 +14,36 @@ Login Manager test: forms with no password fields
<div id="content" style="display: none">
<!-- Form with no user field or password field -->
<form action="formtest.js" method="get">
<form id="form1" action="formtest.js">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- Form with no user field or password field, but one other field -->
<form action="formtest.js" method="get">
<input type="checkbox">
<form id="form2" action="formtest.js">
<input type="checkbox">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- Form user a user field, but no password field -->
<form action="formtest.js" method="get">
<input type="text" name="uname1" value="">
<!-- Form with no user field or password field, but one other field -->
<form id="form3" action="formtest.js">
<input type="checkbox" name="uname" value="">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- Form with a text field, but no password field -->
<form id="form4" action="formtest.js">
<input type="text" name="yyyyy">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- Form with a user field, but no password field -->
<form id="form5" action="formtest.js">
<input type="text" name="uname">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
@ -42,7 +57,9 @@ Login Manager test: forms with no password fields
/** Test for Login Manager: form fill, no password fields. **/
function startTest() {
is($_("uname1").value, "", "Checking for unfilled username 1");
is($_(3, "uname").value, "", "Checking for unfilled checkbox (form 3)");
is($_(4, "yyyyy").value, "", "Checking for unfilled text field (form 4)");
is($_(5, "uname").value, "", "Checking for unfilled text field (form 5)");
SimpleTest.finish();
}

2837
toolkit/components/passwordmgr/test/test_basic_form_1pw.html
View File

File diff suppressed because it is too large Load Diff

15740
toolkit/components/passwordmgr/test/test_basic_form_2pw_1.html
View File

File diff suppressed because it is too large Load Diff

151
toolkit/components/passwordmgr/test/test_basic_form_2pw_2.html
View File

@ -8,66 +8,19 @@
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
<body>
Login Manager test: forms with 2 password fields (adding new logins)
Login Manager test: (placeholder)
<p id="display"></p>
<div id="content" style="display: none">
<p>The next three forms are <b>user/pass/pass-new</b>, as all-empty, prefilled user(only), and prefilled user/pass</p>
<form id="form1" onsubmit="return checkSubmit(1)" action="formtest.js" method="get">
<input type="text" name="new-uname1" value="">
<input type="password" name="new-pword1" value="">
<input type="password" name="new-pword1B" value="">
<form id="form1" onsubmit="return checkSubmit(1)" action="http://newuser.com">
<input type="text" name="uname">
<input type="password" name="pword">
<input type="password" name="qword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<form id="form2" onsubmit="return checkSubmit(2)" action="formtest.js" method="get">
<input type="text" name="new-uname2" value="newuser2">
<input type="password" name="new-pword2" value="">
<input type="password" name="new-pword2B" value="">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<form id="form3" onsubmit="return checkSubmit(3)" action="formtest.js" method="get">
<input type="text" name="new-uname3" value="newuser3">
<input type="password" name="new-pword3" value="newpass3">
<input type="password" name="new-pword3B" value="">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<p>The next three forms are <b>user/pass-new/pass</b>, as all-empty, prefilled user(only), and prefilled user/pass</p>
<form id="form4" onsubmit="return checkSubmit(4)" action="formtest.js" method="get">
<input type="text" name="new-uname4" value="">
<input type="password" name="new-pword4B" value="">
<input type="password" name="new-pword4" value="">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<form id="form5" onsubmit="return checkSubmit(5)" action="formtest.js" method="get">
<input type="text" name="new-uname5" value="newuser5">
<input type="password" name="new-pword5B" value="">
<input type="password" name="new-pword5" value="">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<form id="form6" onsubmit="return checkSubmit(6)" action="formtest.js" method="get">
<input type="text" name="new-uname6" value="newuser6">
<input type="password" name="new-pword6B" value="">
<input type="password" name="new-pword6" value="newpass6">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
</div>
<pre id="test">
@ -75,80 +28,34 @@ Login Manager test: forms with 2 password fields (adding new logins)
/** Test for Login Manager: form fill, 2 password fields **/
// If a form has two password fields, other things may be going on....
//
// 1 - The user might be creating a new login (2nd field for typo checking)
// 2 - The user is changing their password (old and new password each have field)
//
// This test is for case #1.
/*
* If a form has two password fields, other things may be going on....
*
* 1 - The user might be creating a new login (2nd field for typo checking)
* 2 - The user is changing a password (old and new password each have field)
*
* This test is for case #1.
*/
var numSubmittedForms = 0;
var numStartingLogins = 0;
function startTest() {
// Check for unfilled form 1
is($_("new-uname1").value, "", "Checking username1");
is($_("new-pword1").value, "", "Checking password1");
is($_("new-pword1B").value, "", "Checking password1B");
// Check for unfilled forms
is($_(1, "uname").value, "", "Checking username 1");
is($_(1, "pword").value, "", "Checking password 1A");
is($_(1, "qword").value, "", "Checking password 1B");
// Check for unfilled form 2
is($_("new-uname2").value, "newuser2", "Checking username2");
is($_("new-pword2").value, "", "Checking password2");
is($_("new-pword2B").value, "", "Checking password2B");
// Check for unfilled form 3
is($_("new-uname3").value, "newuser3", "Checking username3");
is($_("new-pword3").value, "newpass3", "Checking password3");
is($_("new-pword3B").value, "", "Checking password3B");
// Check for unfilled form 4
is($_("new-uname4").value, "", "Checking username4");
is($_("new-pword4").value, "", "Checking password4");
is($_("new-pword4B").value, "", "Checking password4B");
// Check for unfilled form 5
is($_("new-uname5").value, "newuser5", "Checking username5");
is($_("new-pword5").value, "", "Checking password5");
is($_("new-pword5B").value, "", "Checking password5B");
// Check for unfilled form 6
is($_("new-uname6").value, "newuser6", "Checking username6");
is($_("new-pword6").value, "newpass6", "Checking password6");
is($_("new-pword6B").value, "", "Checking password6B");
// Fill in the username and password fields, as if we are creating new accounts.
// Fill in the username and password fields, for account creation.
// Form 1
$_("new-uname1").value = "newuser1";
$_("new-pword1").value = "newpass1";
$_("new-pword1B").value = "newpass1";
// Form 2
//$_("new-uname2").value = "newuser2"; (already set in form)
$_("new-pword2").value = "newpass2";
$_("new-pword2B").value = "newpass2";
// Form 3
//$_("new-uname3").value = "newuser3";
//$_("new-pword3").value = "newpass3";
$_("new-pword3B").value = "newpass3";
// Form 4
$_("new-uname4").value = "newuser4";
$_("new-pword4").value = "newpass4";
$_("new-pword4B").value = "newpass4";
// Form 5
//$_("new-uname5").value = "newuser5";
$_("new-pword5").value = "newpass5";
$_("new-pword5B").value = "newpass5";
// Form 6
//$_("new-uname6").value = "newuser6";
//$_("new-pword6").value = "newpass6";
$_("new-pword6B").value = "newpass6";
$_(1, "uname").value = "newuser1";
$_(1, "pword").value = "newpass1";
$_(1, "qword").value = "newpass1";
var button = getFormSubmitButton(1);
//button.click();
// TODO: form submission checking disabled until we can auto-accept the save-password dialog.
// (this test worked with the old password manager because it ignored this case of forms).
todo(false, "form submission disabled, can't auto-accept dialog yet");
SimpleTest.finish();
}
@ -158,16 +65,13 @@ function checkSubmit(formNum) {
numSubmittedForms++;
// End the test at the last form.
if (formNum == 6) {
is(numSubmittedForms, 6, "Ensuring all forms were submitted for testing.");;
if (formNum == 999) {
is(numSubmittedForms, 999, "Ensuring all forms submitted for testing.");
var numEndingLogins = countLogins();
todo(false, "Need a mechanism to auto-save submitted logins, so we can check to see if it worked.");
if (false) {
ok(numEndingLogins > 0, "counting logins at end");
is(numStartingLogins, numEndingLogins + 6, "counting logins at end");
}
ok(numEndingLogins > 0, "counting logins at end");
is(numStartingLogins, numEndingLogins + 222, "counting logins at end");
SimpleTest.finish();
return false; // return false to cancel current form submission
@ -185,7 +89,8 @@ function getFormSubmitButton(formNum) {
var form = $("form" + formNum); // by id, not name
ok(form != null, "getting form " + formNum);
// we can't just call form.submit(), because that doesn't seem to invoke the form onsubmit handler.
// we can't just call form.submit(), because that doesn't seem to
// invoke the form onsubmit handler.
var button = form.firstChild;
while (button && button.type != "submit") { button = button.nextSibling; }
ok(button != null, "getting form submit button");

162
toolkit/components/passwordmgr/test/test_basic_form_3pw_1.html
View File

@ -13,31 +13,31 @@ Login Manager test: forms with 3 password fields (form filling)
<div id="content" style="display: none">
<p>The next three forms are <b>user/pass/passB/passC</b>, as all-empty, preuser(only), and preuser/pass</p>
<form action="formtest.js" method="get">
<input type="text" name="uname1" value="">
<input type="password" name="pword1" value="">
<input type="password" name="pword1B" value="">
<input type="password" name="pword1C" value="">
<form id="form1" action="formtest.js">
<input type="text" name="uname">
<input type="password" name="pword">
<input type="password" name="qword">
<input type="password" name="rword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<form action="formtest.js" method="get">
<input type="text" name="uname2" value="testuser2">
<input type="password" name="pword2" value="">
<input type="password" name="pword2B" value="">
<input type="password" name="pword2C" value="">
<form id="form2" action="formtest.js">
<input type="text" name="uname" value="testuser">
<input type="password" name="pword">
<input type="password" name="qword">
<input type="password" name="rword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<form action="formtest.js" method="get">
<input type="text" name="uname3" value="testuser3">
<input type="password" name="pword3" value="testpass3">
<input type="password" name="pword3B" value="">
<input type="password" name="pword3C" value="">
<form id="form3" action="formtest.js">
<input type="text" name="uname" value="testuser">
<input type="password" name="pword" value="testpass">
<input type="password" name="qword">
<input type="password" name="rword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
@ -45,62 +45,62 @@ Login Manager test: forms with 3 password fields (form filling)
<p>The next three forms are <b>user/passB/pass/passC</b>, as all-empty, preuser(only), and preuser/pass</p>
<form action="formtest.js" method="get">
<input type="text" name="uname4" value="">
<input type="password" name="pword4B" value="">
<input type="password" name="pword4" value="">
<input type="password" name="pword4C" value="">
<form id="form4" action="formtest.js">
<input type="text" name="uname">
<input type="password" name="qword">
<input type="password" name="pword">
<input type="password" name="rword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<form action="formtest.js" method="get">
<input type="text" name="uname5" value="testuser5">
<input type="password" name="pword5B" value="">
<input type="password" name="pword5" value="">
<input type="password" name="pword5C" value="">
<form id="form5" action="formtest.js">
<input type="text" name="uname" value="testuser">
<input type="password" name="qword">
<input type="password" name="pword">
<input type="password" name="rword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<form action="formtest.js" method="get">
<input type="text" name="uname6" value="testuser6">
<input type="password" name="pword6B" value="">
<input type="password" name="pword6" value="testpass6">
<input type="password" name="pword6C" value="">
<form id="form6" action="formtest.js">
<input type="text" name="uname" value="testuser">
<input type="password" name="qword">
<input type="password" name="pword" value="testpass">
<input type="password" name="rword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<p>The next three forms are <b>user/passB/passC/pass</b>, as all-empty, preuser(only), and preuser/pass</p>
<form action="formtest.js" method="get">
<input type="text" name="uname7" value="">
<input type="password" name="pword7B" value="">
<input type="password" name="pword7C" value="">
<input type="password" name="pword7" value="">
<form id="form7" action="formtest.js">
<input type="text" name="uname">
<input type="password" name="qword">
<input type="password" name="rword">
<input type="password" name="pword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<form action="formtest.js" method="get">
<input type="text" name="uname8" value="testuser8">
<input type="password" name="pword8B" value="">
<input type="password" name="pword8C" value="">
<input type="password" name="pword8" value="">
<form id="form8" action="formtest.js">
<input type="text" name="uname" value="testuser">
<input type="password" name="qword">
<input type="password" name="rword">
<input type="password" name="pword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<form action="formtest.js" method="get">
<input type="text" name="uname9" value="testuser9">
<input type="password" name="pword9B" value="">
<input type="password" name="pword9C" value="">
<input type="password" name="pword9" value="testpass9">
<form id="form9" action="formtest.js">
<input type="text" name="uname" value="testuser">
<input type="password" name="qword">
<input type="password" name="rword">
<input type="password" name="pword" value="testpass">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
@ -116,52 +116,52 @@ Login Manager test: forms with 3 password fields (form filling)
function startTest() {
// Check form 1
is($_("uname1").value, "testuser1", "Checking username1");
is($_("pword1").value, "testpass1", "Checking password1");
is($_("pword1B").value, "", "Checking password1B");
is($_("pword1C").value, "", "Checking password1C");
is($_(1, "uname").value, "testuser", "Checking username 1");
is($_(1, "pword").value, "testpass", "Checking password 1");
is($_(1, "qword").value, "", "Checking password 1 (q)");
is($_(1, "rword").value, "", "Checking password 1 (r)");
// Check form 2
is($_("uname2").value, "testuser2", "Checking username2");
is($_("pword2").value, "testpass2", "Checking password2");
is($_("pword2B").value, "", "Checking password2B");
is($_("pword2C").value, "", "Checking password2C");
is($_(2, "uname").value, "testuser", "Checking username 2");
is($_(2, "pword").value, "testpass", "Checking password 2");
is($_(2, "qword").value, "", "Checking password 2 (q)");
is($_(2, "rword").value, "", "Checking password 2 (r)");
// Check form 3
is($_("uname3").value, "testuser3", "Checking username3");
is($_("pword3").value, "testpass3", "Checking password3");
is($_("pword3B").value, "", "Checking password3B");
is($_("pword3C").value, "", "Checking password3C");
is($_(3, "uname").value, "testuser", "Checking username 3");
is($_(3, "pword").value, "testpass", "Checking password 3");
is($_(3, "qword").value, "", "Checking password 3 (q)");
is($_(3, "rword").value, "", "Checking password 3 (r)");
// Check form 4
is($_("uname4").value, "testuser4", "Checking username4");
is($_("pword4").value, "testpass4", "Checking password4");
is($_("pword4B").value, "", "Checking password4B");
is($_("pword4C").value, "", "Checking password4C");
is($_(4, "uname").value, "testuser", "Checking username 4");
todo_is($_(4, "qword").value, "", "Checking password 4 (q)");
todo_is($_(4, "pword").value, "testpass", "Checking password 4");
is($_(4, "rword").value, "", "Checking password 4 (r)");
// Check form 5
is($_("uname5").value, "testuser5", "Checking username5");
is($_("pword5").value, "testpass5", "Checking password5");
is($_("pword5B").value, "", "Checking password5B");
is($_("pword5C").value, "", "Checking password5C");
is($_(5, "uname").value, "testuser", "Checking username 5");
todo_is($_(5, "qword").value, "", "Checking password 5 (q)");
todo_is($_(5, "pword").value, "testpass", "Checking password 5");
is($_(5, "rword").value, "", "Checking password 5 (r)");
// Check form 6
is($_("uname6").value, "testuser6", "Checking username6");
is($_("pword6").value, "testpass6", "Checking password6");
is($_("pword6B").value, "", "Checking password6B");
is($_("pword6C").value, "", "Checking password6C");
is($_(6, "uname").value, "testuser", "Checking username 6");
todo_is($_(6, "qword").value, "", "Checking password 6 (q)");
is($_(6, "pword").value, "testpass", "Checking password 6");
is($_(6, "rword").value, "", "Checking password 6 (r)");
// Check form 7
is($_("uname7").value, "testuser7", "Checking username7");
is($_("pword7").value, "testpass7", "Checking password7");
is($_("pword7B").value, "", "Checking password7B");
is($_("pword7C").value, "", "Checking password7C");
is($_(7, "uname").value, "testuser", "Checking username 7");
todo_is($_(7, "qword").value, "", "Checking password 7 (q)");
is($_(7, "rword").value, "", "Checking password 7 (r)");
todo_is($_(7, "pword").value, "testpass", "Checking password 7");
// Check form 8
is($_("uname8").value, "testuser8", "Checking username8");
is($_("pword8").value, "testpass8", "Checking password8");
is($_("pword8B").value, "", "Checking password8B");
is($_("pword8C").value, "", "Checking password8C");
is($_(8, "uname").value, "testuser", "Checking username 8");
todo_is($_(8, "qword").value, "", "Checking password 8 (q)");
is($_(8, "rword").value, "", "Checking password 8 (r)");
todo_is($_(8, "pword").value, "testpass", "Checking password 8");
// Check form 9
is($_("uname9").value, "testuser9", "Checking username9");
is($_("pword9").value, "testpass9", "Checking password9");
is($_("pword9B").value, "", "Checking password9B");
is($_("pword9C").value, "", "Checking password9C");
is($_(9, "uname").value, "testuser", "Checking username 9");
todo_is($_(9, "qword").value, "", "Checking password 9 (q)");
is($_(9, "rword").value, "", "Checking password 9 (r)");
is($_(9, "pword").value, "testpass", "Checking password 9");
// TODO: as with the 2-password cases, add tests to check for creating new
// logins and changing passwords.

18
toolkit/components/passwordmgr/test/test_bug_221634.html
View File

@ -12,9 +12,9 @@ Login Manager test: 221634
<p id="display"></p>
<div id="content" style="display: none">
<form action="formtest.js" method="get">
<input type="text" name="uname1" value="">
<input type="password" name="pword1" value="">
<form id="form1" action="formtest.js">
<input type="text" name="uname">
<input type="password" name="pword">
<button type="submit">Submit</button>
<button type="reset"> Reset</button>
@ -32,8 +32,8 @@ var testHappened = false;
var pageloadHappened = false;
// We're still loading the page, so make sure nothing has filled in yet.
is($_("uname1").value, "", "Checking unfilled username 1");
is($_("pword1").value, "", "Checking unfilled password 1");
is($_(1, "uname").value, "", "Checking unfilled username 1");
is($_(1, "pword").value, "", "Checking unfilled password 1");
document.addEventListener("DOMContentLoaded", contentLoaded, false);
@ -61,8 +61,8 @@ function performTest() {
ok(!pageloadHappened, "Sanity check to ensure pageload hasn't happened yet.")
// Check form1
is($_("uname1").value, "testuser1", "Checking filled username 1");
is($_("pword1").value, "testpass1", "Checking filled password 1");
is($_(1, "uname").value, "testuser", "Checking filled username");
is($_(1, "pword").value, "testpass", "Checking filled password");
testHappened = true;
}
@ -73,8 +73,8 @@ function endTest() {
ok(testHappened, "Sanity check to make sure our test ran before pageload");
// Check form1
is($_("uname1").value, "testuser1", "Rechecking filled username 1");
is($_("pword1").value, "testpass1", "Rechecking filled password 1");
is($_(1, "uname").value, "testuser", "Rechecking filled username");
is($_(1, "pword").value, "testpass", "Rechecking filled password");
pageloadHappened = true;

77
toolkit/components/passwordmgr/test/test_bug_227640.html
View File

@ -14,8 +14,8 @@ Login Manager test: 227640
<!-- no autocomplete for password field -->
<form id="form1" onsubmit="return checkSubmit(1)" method="get">
<input type="text" name="uname1" value="">
<input type="password" name="pword1" value="" autocomplete=off>
<input type="text" name="uname" value="">
<input type="password" name="pword" value="" autocomplete=off>
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
@ -23,8 +23,8 @@ Login Manager test: 227640
<!-- no autocomplete for username field -->
<form id="form2" onsubmit="return checkSubmit(2);" method="get">
<input type="text" name="uname2" value="" autocomplete=off>
<input type="password" name="pword2" value="">
<input type="text" name="uname" value="" autocomplete=off>
<input type="password" name="pword" value="">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
@ -32,8 +32,8 @@ Login Manager test: 227640
<!-- no autocomplete for username or password fields -->
<form id="form3" onsubmit="return checkSubmit(3);" method="get">
<input type="text" name="uname3" value="" autocomplete=off>
<input type="password" name="pword3" value="" autocomplete=off>
<input type="text" name="uname" value="" autocomplete=off>
<input type="password" name="pword" value="" autocomplete=off>
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
@ -41,8 +41,8 @@ Login Manager test: 227640
<!-- no autocomplete for entire form -->
<form id="form4" onsubmit="return checkSubmit(4);" method="get" autocomplete=off>
<input type="text" name="uname4" value="">
<input type="password" name="pword4" value="">
<input type="text" name="uname" value="">
<input type="password" name="pword" value="">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
@ -50,8 +50,8 @@ Login Manager test: 227640
<!-- no autocomplete for entire form and password field -->
<form id="form5" onsubmit="return checkSubmit(5);" method="get">
<input type="text" name="uname5" value="">
<input type="password" name="pword5" value="" autocomplete=off>
<input type="text" name="uname" value="">
<input type="password" name="pword" value="" autocomplete=off>
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
@ -59,8 +59,8 @@ Login Manager test: 227640
<!-- no autocomplete for entire form and username field -->
<form id="form6" onsubmit="return checkSubmit(6);" method="get">
<input type="text" name="uname6" value="" autocomplete=off>
<input type="password" name="pword6" value="">
<input type="text" name="uname" value="" autocomplete=off>
<input type="password" name="pword" value="">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
@ -68,8 +68,8 @@ Login Manager test: 227640
<!-- no autocomplete for entire form, userfield, and password field -->
<form id="form7" onsubmit="return checkSubmit(7);" method="get" autocomplete=off>
<input type="text" name="uname7" value="" autocomplete=off>
<input type="password" name="pword7" value="" autocomplete=off>
<input type="text" name="uname" value="" autocomplete=off>
<input type="password" name="pword" value="" autocomplete=off>
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
@ -81,8 +81,8 @@ Login Manager test: 227640
<!-- no autocomplete for password field -->
<form id="form8" onsubmit="return checkSubmit(8);" method="get">
<input type="text" name="xxxuname1" value="newuser1">
<input type="password" name="xxxpword1" value="newpass1" autocomplete=off>
<input type="text" name="xxxuname" value="newuser">
<input type="password" name="xxxpword" value="newpass" autocomplete=off>
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
@ -90,8 +90,8 @@ Login Manager test: 227640
<!-- no autocomplete for username field -->
<form id="form9" onsubmit="return checkSubmit(9);" method="get">
<input type="text" name="xxxuname2" value="newuser2" autocomplete=off>
<input type="password" name="xxxpword2" value="newpass2">
<input type="text" name="xxxuname" value="newuser" autocomplete=off>
<input type="password" name="xxxpword" value="newpass">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
@ -99,8 +99,8 @@ Login Manager test: 227640
<!-- no autocomplete for username or password fields -->
<form id="form10" onsubmit="return checkSubmit(10);" method="get">
<input type="text" name="xxxuname3" value="newuser3" autocomplete=off>
<input type="password" name="xxxpword3" value="newpass3" autocomplete=off>
<input type="text" name="xxxuname" value="newuser" autocomplete=off>
<input type="password" name="xxxpword" value="newpass" autocomplete=off>
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
@ -108,8 +108,8 @@ Login Manager test: 227640
<!-- no autocomplete for entire form -->
<form id="form11" onsubmit="return checkSubmit(11);" method="get" autocomplete=off>
<input type="text" name="xxxuname4" value="newuser4">
<input type="password" name="xxxpword4" value="newpass4">
<input type="text" name="xxxuname" value="newuser">
<input type="password" name="xxxpword" value="newpass">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
@ -117,8 +117,8 @@ Login Manager test: 227640
<!-- no autocomplete for entire form and password field -->
<form id="form12" onsubmit="return checkSubmit(12);" method="get">
<input type="text" name="xxxuname5" value="newuser5">
<input type="password" name="xxxpword5" value="newpass5" autocomplete=off>
<input type="text" name="xxxuname" value="newuser">
<input type="password" name="xxxpword" value="newpass" autocomplete=off>
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
@ -126,8 +126,8 @@ Login Manager test: 227640
<!-- no autocomplete for entire form and username field -->
<form id="form13" onsubmit="return checkSubmit(13);" method="get">
<input type="text" name="xxxuname6" value="newuser6" autocomplete=off>
<input type="password" name="xxxpword6" value="newpass6">
<input type="text" name="xxxuname" value="newuser" autocomplete=off>
<input type="password" name="xxxpword" value="newpass">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
@ -135,8 +135,8 @@ Login Manager test: 227640
<!-- no autocomplete for entire form, userfield, and password field -->
<form id="form14" onsubmit="return checkSubmit(14);" method="get" autocomplete=off>
<input type="text" name="xxxuname7" value="newuser7" autocomplete=off>
<input type="password" name="xxxpword7" value="newpass7" autocomplete=off>
<input type="text" name="xxxuname" value="newuser" autocomplete=off>
<input type="password" name="xxxpword" value="newpass" autocomplete=off>
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
@ -146,7 +146,8 @@ Login Manager test: 227640
<pre id="test">
<script class="testbody" type="text/javascript">
/** Test for Login Manager: 227640 (password is saved even when the password field has autocomplete="off") **/
/** Test for Login Manager: 227640 (password is saved even when the
password field has autocomplete="off") **/
// This test ensures that pwmgr does not save a username or password when
// autocomplete=off is present.
@ -155,20 +156,21 @@ var numStartingLogins = 0;
var numSubmittedForms = 0;
function startTest() {
// Get current number of logins, to make sure we don't end up storing new logins.
// Get current number of logins, so we can know if some accidently get
// added during the test.
numStartingLogins = countLogins();
ok(numStartingLogins > 0, "counting logins at start");
// Check first set of forms, which should be filled by pwmgr.
for (var i = 1; i <= 7; i++) {
is($_("uname" + i).value, "testuser" + i, "Checking for filled username " + i);
is($_("pword" + i).value, "testpass" + i, "Checking for filled password " + i);
is($_(i, "uname").value, "testuser", "Checking for filled username " + i);
is($_(i, "pword").value, "testpass", "Checking for filled password " + i);
}
// Check second set of forms, which should have preset values (and are unknown to pwmgr).
for (var i = 1; i <= 7; i++) {
is($_("xxxuname" + i).value, "newuser" + i, "Checking for unmodified username " + i);
is($_("xxxpword" + i).value, "newpass" + i, "Checking for unmodified password " + i);
for (var i = 8; i <= 14; i++) {
is($_(i, "xxxuname").value, "newuser", "Checking unmodified username " + i);
is($_(i, "xxxpword").value, "newpass", "Checking unmodified password " + i);
}
var button = getFormSubmitButton(1);
@ -184,7 +186,7 @@ function checkSubmit(formNum) {
// End the test at the last form.
if (formNum == 14) {
is(numSubmittedForms, 14, "Ensuring all forms were submitted for testing.");;
is(numSubmittedForms, 14, "Ensuring all forms were submitted.");;
var numEndingLogins = countLogins();
ok(numEndingLogins > 0, "counting logins at end");
@ -208,7 +210,8 @@ function getFormSubmitButton(formNum) {
var form = $("form" + formNum); // by id, not name
ok(form != null, "getting form " + formNum);
// we can't just call form.submit(), because that doesn't seem to invoke the form onsubmit handler.
// we can't just call form.submit(), because that doesn't seem to
// invoke the form onsubmit handler.
var button = form.firstChild;
while (button && button.type != "submit") { button = button.nextSibling; }
ok(button != null, "getting form submit button");

177
toolkit/components/passwordmgr/test/test_bug_242956.html
View File

@ -11,186 +11,109 @@
Login Manager test: 242956
<p id="display"></p>
<div id="content" style="display: none">
<!-- pword1 is not a type=password input -->
<form action="formtest.js" method="get">
<input type="text" name="uname1" value="">
<input type="text" name="pword1" value="">
<!-- pword is not a type=password input -->
<form id="form1" action="formtest.js">
<input type="text" name="uname">
<input type="text" name="pword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- uname2 is not a type=text input -->
<form action="formtest.js" method="get">
<input type="password" name="uname2" value="">
<input type="password" name="pword2" value="">
<!-- uname is not a type=text input -->
<form id="form2" action="formtest.js">
<input type="password" name="uname">
<input type="password" name="pword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- two "pword3" inputs, (text + password) -->
<form action="formtest.js" method="get">
<input type="text" name="uname3" value="">
<input type="text" name="pword3" value="">
<input type="password" name="pword3" value="">
<!-- two "pword" inputs, (text + password) -->
<form id="form3" action="formtest.js">
<input type="text" name="uname">
<input type="text" name="pword">
<input type="password" name="qword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- same thing, different order -->
<form action="formtest.js" method="get">
<input type="text" name="uname4" value="">
<input type="password" name="pword4" value="">
<input type="text" name="pword4" value="">
<form id="form4" action="formtest.js">
<input type="text" name="uname">
<input type="password" name="pword">
<input type="text" name="qword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- two "uname5" inputs, (text + password) -->
<form action="formtest.js" method="get">
<input type="text" name="uname5" value="">
<input type="password" name="uname5" value="">
<input type="password" name="pword5" value="">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- same thing, different order -->
<form action="formtest.js" method="get">
<input type="password" name="uname6" value="">
<input type="text" name="uname6" value="">
<input type="password" name="pword6" value="">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- uname7 is not a type=text input (try a checkbox just for variety) -->
<form action="formtest.js" method="get">
<input type="checkbox" name="uname7" value="">
<input type="password" name="pword7" value="">
<!-- uname is not a type=text input (try a checkbox just for variety) -->
<form id="form5" action="formtest.js">
<input type="checkbox" name="uname" value="">
<input type="password" name="pword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- pword8 is not a type=password input (try a checkbox just for variety) -->
<form action="formtest.js" method="get">
<input type="text" name="uname8" value="">
<input type="checkbox" name="pword8" value="">
<!-- pword is not a type=password input (try a checkbox just for variety) -->
<form id="form6" action="formtest.js">
<input type="text" name="uname">
<input type="checkbox" name="pword" value="">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- pword9 is not a type=password input -->
<form action="formtest.js" method="get">
<input type="text" name="uname9" value="testuser9">
<input type="text" name="pword9" value="">
<!-- pword is not a type=password input -->
<form id="form7" action="formtest.js">
<input type="text" name="uname" value="testuser">
<input type="text" name="pword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- uname10 is not a type=text input -->
<form action="formtest.js" method="get">
<input type="password" name="uname10" value="testuser10">
<input type="password" name="pword10" value="">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
</div>
<pre id="test">
<script class="testbody" type="text/javascript">
/** Test for Login Manager: 242956 (Stored password is inserted into a readable text input on a second page) **/
/** Test for Login Manager: 242956 (Stored password is inserted into a
readable text input on a second page) **/
// Make sure that pwmgr only puts passwords into type=password <input>s.
// Might as well test the converse, too (username in password field).
function startTest() {
for (var i = 1; i <= 8; i++) {
if (i >= 3 && i <= 6) { continue; } // handle these below.
// Check form i
is($_("uname" + i).value, "", "Checking for unfilled username " + i);
is($_("pword" + i).value, "", "Checking for unfilled password " + i);
}
// Forms 3 and 4 have two password inputs with the same name
var form, input;
form = document.forms[2];
input = form.elements[0];
is(input.type, "text", "confirming user field 3 type");
is(input.name, "uname3", "confirming user field 3 name");
//is(input.value, "testuser3", "checking user field 3 value");
todo(input.value == "testuser3", "ignore bogus <input> and fill testuser3");
input = form.elements[1];
is(input.type, "text", "confirming bogus password field 3 type");
is(input.name, "pword3", "confirming bogus password field 3 name");
is(input.value, "", "checking bogus password field 3 value");
input = form.elements[2];
is(input.type, "password", "confirming legit password field 3 type");
is(input.name, "pword3", "confirming legit password field 3 type");
//is(input.value, "testpass3", "checking legit password field 3 value");
todo(input.value == "testpass3", "ignore bogus <input> and fill testpass3");
is($_(1, "uname").value, "", "Checking for unfilled username 1");
is($_(1, "pword").value, "", "Checking for unfilled password 1");
form = document.forms[3];
input = form.elements[0];
is(input.type, "text", "confirming user field 4 type");
is(input.name, "uname4", "confirming user field 4 name");
is(input.value, "testuser4", "checking user field 4 value");
input = form.elements[1];
is(input.type, "password", "confirming legit password field 4 type");
is(input.name, "pword4", "confirming legit password field 4 type");
is(input.value, "testpass4", "checking legit password field 4 value");
input = form.elements[2];
is(input.type, "text", "confirming bogus password field 4 type");
is(input.name, "pword4", "confirming bogus password field 4 name");
is(input.value, "", "checking bogus password field 4 value");
is($_(2, "uname").value, "testpass", "Checking for password not username 2");
is($_(2, "pword").value, "", "Checking for unfilled password 2");
// Forms 5 and 6 have two username inputs with the same name
form = document.forms[4];
input = form.elements[0];
is(input.type, "text", "confirming legit user field 5 type");
is(input.name, "uname5", "confirming legit user field 5 name");
is(input.value, "testuser5", "checking legit user field 5 value");
input = form.elements[1];
is(input.type, "password", "confirming bogus user field 5 type");
is(input.name, "uname5", "confirming bogus user field 5 name");
is(input.value, "", "checking bogus user field 5 value");
input = form.elements[2];
is(input.type, "password", "confirming password field 5 ");
is(input.name, "pword5", "confirming password field 5 ");
is(input.value, "testpass5", "checking password field 5 value");
is($_(3, "uname").value, "", "Checking for unfilled username 3");
is($_(3, "pword").value, "testuser", "Checking for unfilled password 3");
is($_(3, "qword").value, "testpass", "Checking for unfilled qassword 3");
form = document.forms[5];
input = form.elements[0];
is(input.type, "password", "confirming bogus user field 6 type");
is(input.name, "uname6", "confirming bogus user field 6 name");
is(input.value, "", "checking bogus user field 6 value");
input = form.elements[1];
is(input.type, "text", "confirming legit user field 6 type");
is(input.name, "uname6", "confirming legit user field 6 name");
//is(input.value, "testuser6", "checking legit user field 6 value");
todo(input.value == "testuser6", "ignore bogus <input> and fill testuser6");
input = form.elements[2];
is(input.type, "password", "confirming password field 6 type");
is(input.name, "pword6", "confirming password field 6 name");
//is(input.value, "testpass6", "");
todo(input.value == "testpass6", "ignore bogus <input> and fill testpass6");
is($_(4, "uname").value, "testuser", "Checking for password not username 4");
is($_(4, "pword").value, "testpass", "Checking for unfilled password 4");
is($_(4, "qword").value, "", "Checking for unfilled qassword 4");
is($_(5, "uname").value, "", "Checking for unfilled username 5");
is($_(5, "pword").value, "testpass", "Checking for filled password 5");
is($_(6, "uname").value, "", "Checking for unfilled username 6");
is($_(6, "pword").value, "", "Checking for unfilled password 6");
is($_(7, "uname").value, "testuser", "Checking for unmodified username 7");
is($_(7, "pword").value, "", "Checking for unfilled password 7");
is($_("uname9").value, "testuser9", "Checking for unmodified username 9");
is($_("pword9").value, "", "Checking for unfilled password 9");
is($_("uname10").value, "testuser10", "Checking for unmodified username 10");
is($_("pword10").value, "", "Checking for unfilled password 10");
SimpleTest.finish();
}

135
toolkit/components/passwordmgr/test/test_bug_270558.html
View File

@ -1,135 +0,0 @@
<!DOCTYPE HTML>
<html>
<head>
<title>Test for Login Manager</title>
<script type="text/javascript" src="/MochiKit/MochiKit.js"></script>
<script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
<script type="text/javascript" src="pwmgr_common.js"></script>
<link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
</head>
<body>
Login Manager test: 270558
<p id="display"></p>
<div id="content" style="display: none">
<!-- normal, simple form. -->
<form action="formtest.js" method="get">
<input type="text" name="uname1" value="">
<input type="password" name="pword1" value="">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- prefilled with correct username -->
<form action="formtest.js" method="get">
<input type="text" name="uname2" value="testuser2">
<input type="password" name="pword2" value="">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- prefilled with correct password -->
<form action="formtest.js" method="get">
<input type="text" name="uname3" value="">
<input type="password" name="pword3" value="testpass3">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- prefilled with correct username and password -->
<form action="formtest.js" method="get">
<input type="text" name="uname4" value="testuser4">
<input type="password" name="pword4" value="testpass4">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- prefilled with an unknown username (don't clobber it!) -->
<form action="formtest.js" method="get">
<input type="text" name="uname5" value="xxORIG5xx">
<input type="password" name="pword5" value="">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- prefilled with an unknown password (don't clobber it!) -->
<form action="formtest.js" method="get">
<input type="text" name="uname6" value="">
<input type="password" name="pword6" value="xxORIG6xx">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- prefilled with an unknown username and password (don't clobber it!) -->
<form action="formtest.js" method="get">
<input type="text" name="uname7" value="xxORIG7Uxx">
<input type="password" name="pword7" value="xxORIG7Pxx">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- prefilled with a known username, but not for these inputs. -->
<form action="formtest.js" method="get">
<input type="text" name="uname8" value="testuser9">
<input type="password" name="pword8" value="">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- TODO: test when multiple matching accounts are known -->
<!-- TODO: test with prefilled known login for some other site and/or action url. -->
</div>
<pre id="test">
<script class="testbody" type="text/javascript">
/** Test for Login Manager: 270558 (Password manager should not fill in username and
password if the username field is pre-filled by the server to a different username.
(frequent problem with phpBB admin interface)) **/
// This test ensures pwmgr will not overwrite a prefilled username or password.
function startTest() {
// These form are partially filled with correct login info.
for (var i = 1; i <= 4; i++) {
// Check form i
is($_("uname" + i).value, "testuser" + i, "Checking for filled username " + i);
is($_("pword" + i).value, "testpass" + i, "Checking for filled password " + i);
}
// These test forms partially filled with unknown login info (so pwmgr shouldn't touch them).
is($_("uname5").value, "xxORIG5xx", "Checking for filled username ");
is($_("pword5").value, "", "Checking for filled password ");
todo(false, "pwmgr will clobber the prefilled data in this weird edge case.");
if (false) {
is($_("uname6").value, "", "Checking for filled username ");
is($_("pword6").value, "xxORIG6xx", "Checking for filled password ");
}
is($_("uname7").value, "xxORIG7Uxx", "Checking for filled username ");
is($_("pword7").value, "xxORIG7Pxx", "Checking for filled password ");
// This tests a form with a known username, but in the wrong inputs.
is($_("uname8").value, "testuser9", "Checking for filled username ");
is($_("pword8").value, "", "Checking for filled password ");
SimpleTest.finish();
}
window.onload = startTest;
SimpleTest.waitForExplicitFinish();
</script>
</pre>
</body>
</html>

75
toolkit/components/passwordmgr/test/test_bug_360493_1.html
View File

@ -13,90 +13,90 @@ Login Manager test: 360493
<div id="content" style="display: none">
<!-- normal form with normal relative action. -->
<form action="formtest.js" method="get">
<input type="text" name="uname1" value="">
<input type="password" name="pword1" value="">
<form id="form1" action="formtest.js">
<input type="text" name="uname">
<input type="password" name="pword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- fully specify the action URL -->
<form action="http://localhost:8888/tests/toolkit/components/passwordmgr/test/formtest.js" method="get">
<input type="text" name="uname2" value="">
<input type="password" name="pword2" value="">
<form id="form2" action="http://localhost:8888/tests/toolkit/components/passwordmgr/test/formtest.js">
<input type="text" name="uname">
<input type="password" name="pword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- fully specify the action URL, and change the path -->
<form action="http://localhost:8888/zomg/wtf/bbq/passwordmgr/test/formtest.js" method="get">
<input type="text" name="uname3" value="">
<input type="password" name="pword3" value="">
<form id="form3" action="http://localhost:8888/zomg/wtf/bbq/passwordmgr/test/formtest.js">
<input type="text" name="uname">
<input type="password" name="pword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- fully specify the action URL, and change the path and filename -->
<form action="http://localhost:8888/zomg/wtf/bbq/passwordmgr/test/not_a_test.js" method="get">
<input type="text" name="uname4" value="">
<input type="password" name="pword4" value="">
<form id="form4" action="http://localhost:8888/zomg/wtf/bbq/passwordmgr/test/not_a_test.js">
<input type="text" name="uname">
<input type="password" name="pword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- specify the action URL relative to the current document-->
<form action="./formtest.js" method="get">
<input type="text" name="uname5" value="">
<input type="password" name="pword5" value="">
<form id="form5" action="./formtest.js">
<input type="text" name="uname">
<input type="password" name="pword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- specify the action URL relative to the current server -->
<form action="/tests/toolkit/components/passwordmgr/test/formtest.js" method="get">
<input type="text" name="uname6" value="">
<input type="password" name="pword6" value="">
<form id="form6" action="/tests/toolkit/components/passwordmgr/test/formtest.js">
<input type="text" name="uname">
<input type="password" name="pword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- Change the method from get to post -->
<form action="formtest.js" method="POST">
<input type="text" name="uname7" value="">
<input type="password" name="pword7" value="">
<form id="form7" action="formtest.js" method="POST">
<input type="text" name="uname">
<input type="password" name="pword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- Blank action URL specified -->
<form action="" method="get">
<input type="text" name="uname8" value="">
<input type="password" name="pword8" value="">
<form id="form8" action="">
<input type="text" name="uname">
<input type="password" name="pword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- |action| attribute entirely missing -->
<form method="get">
<input type="text" name="uname9" value="">
<input type="password" name="pword9" value="">
<form id="form9" >
<input type="text" name="uname">
<input type="password" name="pword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- action url as javascript -->
<form action="javascript:alert('this form is not submitted so this alert should not be invoked');">
<input type="text" name="uname10" value="">
<input type="password" name="pword10" value="">
<form id="form10" action="javascript:alert('this form is not submitted so this alert should not be invoked');">
<input type="text" name="uname">
<input type="password" name="pword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
@ -108,21 +108,22 @@ Login Manager test: 360493
<pre id="test">
<script class="testbody" type="text/javascript">
/** Test for Login Manager: 360493 (Cross-Site Forms + Password Manager = Security Failure) **/
/** Test for Login Manager: 360493 (Cross-Site Forms + Password
Manager = Security Failure) **/
// This test is designed to make sure variations on the form's |action| and |method|
// continue to work with the fix for 360493.
// This test is designed to make sure variations on the form's |action|
// and |method| continue to work with the fix for 360493.
function startTest() {
for (var i = 1; i <= 9; i++) {
// Check form i
is($_("uname" + i).value, "testuser" + i, "Checking for filled username " + i);
is($_("pword" + i).value, "testpass" + i, "Checking for filled password " + i);
is($_(i, "uname").value, "testuser", "Checking for filled username " + i);
is($_(i, "pword").value, "testpass", "Checking for filled password " + i);
}
// Not sure if we spec'd how JS urls should be handled here.
todo($_("uname10") == "testuser10", "Checking for filled username when action is js: URL");
todo($_("upass10") == "testpass10", "Checking for filled password when action is js: URL");
todo_is($_(10, "uname"), "testuser", "Checking username w/ JS action URL");
todo_is($_(10, "pword"), "testpass", "Checking password w/ JS action URL");
SimpleTest.finish();
}

94
toolkit/components/passwordmgr/test/test_bug_360493_2.html
View File

@ -15,91 +15,91 @@ Login Manager test: 360493
<!-- The tests in this page exercise things that shouldn't work. -->
<!-- Change port # of action URL from 8888 to 7777 -->
<form action="http://localhost:7777/tests/toolkit/components/passwordmgr/test/formtest.js" method="get">
<input type="text" name="uname1" value="">
<input type="password" name="pword1" value="">
<form id="form1" action="http://localhost:7777/tests/toolkit/components/passwordmgr/test/formtest.js">
<input type="text" name="uname">
<input type="password" name="pword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- No port # in action URL -->
<form action="http://localhost/tests/toolkit/components/passwordmgr/test/formtest.js" method="get">
<input type="text" name="uname2" value="">
<input type="password" name="pword2" value="">
<form id="form2" action="http://localhost/tests/toolkit/components/passwordmgr/test/formtest.js">
<input type="text" name="uname">
<input type="password" name="pword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- Change protocol from http:// to ftp://, include the expected 8888 port # -->
<form action="ftp://localhost:8888/tests/toolkit/components/passwordmgr/test/formtest.js" method="get">
<input type="text" name="uname3" value="">
<input type="password" name="pword3" value="">
<form id="form3" action="ftp://localhost:8888/tests/toolkit/components/passwordmgr/test/formtest.js">
<input type="text" name="uname">
<input type="password" name="pword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- Change protocol from http:// to ftp://, no port # specified -->
<form action="ftp://localhost/tests/toolkit/components/passwordmgr/test/formtest.js" method="get">
<input type="text" name="uname4" value="">
<input type="password" name="pword4" value="">
<form id="form4" action="ftp://localhost/tests/toolkit/components/passwordmgr/test/formtest.js">
<input type="text" name="uname">
<input type="password" name="pword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- Try a weird URL. -->
<form action="about:blank" method="get">
<input type="text" name="uname5" value="">
<input type="password" name="pword5" value="">
<form id="form5" action="about:blank">
<input type="text" name="uname">
<input type="password" name="pword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- Try a weird URL. (If the normal embedded action URL doesn't work, that should mean other URLs won't either) -->
<form action="view-source:http://localhost:8888/tests/toolkit/components/passwordmgr/test/formtest.js" method="get">
<input type="text" name="uname6" value="">
<input type="password" name="pword6" value="">
<form id="form6" action="view-source:http://localhost:8888/tests/toolkit/components/passwordmgr/test/formtest.js">
<input type="text" name="uname">
<input type="password" name="pword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- Try a weird URL. -->
<form action="view-source:formtest.js" method="get">
<input type="text" name="uname7" value="">
<input type="password" name="pword7" value="">
<form id="form7" action="view-source:formtest.js">
<input type="text" name="uname">
<input type="password" name="pword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- Action URL points to a different host (this is the archetypical exploit) -->
<form action="http://www.cnn.com/" method="get">
<input type="text" name="uname8" value="">
<input type="password" name="pword8" value="">
<form id="form8" action="http://www.cnn.com/">
<input type="text" name="uname">
<input type="password" name="pword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- Action URL points to a different host, user field prefilled -->
<form action="http://www.cnn.com/" method="get">
<input type="text" name="uname9" value="testuser9">
<input type="password" name="pword9" value="">
<form id="form9" action="http://www.cnn.com/">
<input type="text" name="uname" value="testuser">
<input type="password" name="pword">
<button type="submit">Submit</button>
<button type="reset"> Reset </button>
</form>
<!-- Try wrapping a evil form around a good form, to see if we can confuse the parser. -->
<form action="http://www.cnn.com/" method="get">
<form action="formtest.js" method="get">
<input type="text" name="uname10" value="">
<input type="password" name="pword10" value="">
<form id="form10-A" action="http://www.cnn.com/">
<form id="form10-B" action="formtest.js">
<input type="text" name="uname">
<input type="password" name="pword">
<button type="submit">Submit (inner)</button>
<button type="reset"> Reset (inner)</button>
@ -109,10 +109,10 @@ Login Manager test: 360493
</form>
<!-- Try wrapping a good form around an evil form, to see if we can confuse the parser. -->
<form action="formtest.js" method="get">
<form action="http://www.cnn.com/" method="get">
<input type="text" name="uname11" value="">
<input type="password" name="pword11" value="">
<form id="form11-A" action="formtest.js">
<form id="form11-B" action="http://www.cnn.com/">
<input type="text" name="uname">
<input type="password" name="pword">
<button type="submit">Submit (inner)</button>
<button type="reset"> Reset (inner)</button>
@ -134,24 +134,28 @@ Login Manager test: 360493
function startTest() {
for (var i = 1; i <= 8; i++) {
// Check form i
is($_("uname" + i).value, "", "Checking for unfilled username " + i);
is($_("pword" + i).value, "", "Checking for unfilled password " + i);
is($_(i, "uname").value, "", "Checking for unfilled username " + i);
is($_(i, "pword").value, "", "Checking for unfilled password " + i);
}
is($_("uname9").value, "testuser9", "Checking for unmodified username 9");
is($_("pword9").value, "", "Checking for unfilled password 9");
is($_(9, "uname").value, "testuser", "Checking for unmodified username 9");
is($_(9, "pword").value, "", "Checking for unfilled password 9");
is($_("uname10").value, "", "Checking for unfilled username 10");
is($_("pword10").value, "", "Checking for unfilled password 10");
is($_("10-A", "uname").value, "", "Checking for unfilled username 10A");
is($_("10-A", "pword").value, "", "Checking for unfilled password 10A");
//is($_("10-B", "uname").value, "", "Checking for unfilled username 10B");
//is($_("10-B", "pword").value, "", "Checking for unfilled password 10B");
// The DOM indicates this form could be filled, as the evil inner form
// is discarded. And yet pwmgr seems not to fill it. Not sure why.
todo(false, "Mangled form combo not being filled when maybe it could be?");
is($_("uname11").value, "", "Checking for unfilled username 11");
is($_("pword11").value, "", "Checking for unfilled password 11");
is($_("11-A", "uname").value, "testuser", "Checking filled username 11A");
is($_("11-A", "pword").value, "testpass", "Checking filled password 11A");
//is($_("11-B", "uname").value, "", "Checking for unfilled username 11B");
//is($_("11-B", "pword").value, "", "Checking for unfilled password 11B");
// Verify this by making sure there are no extra forms in the document, and that
// the submit button for the neutered forms don't do anything.
// Verify this by making sure there are no extra forms in the document, and
// that the submit button for the neutered forms don't do anything.
// If the test finds extra forms the submit() causes the test to timeout, then
// there may be a security issue.
is(document.forms.length, 11, "Checking for unexpected forms");