Bug 1272507 - Upgrade HTTP auth passwords to HTTPS on the same domain. r=dolske
We can't use LoginHelper.searchLoginsWithObject({ schmeUpgrades: true, …}) in place of countLogins since it would trigger a MP prompt.
This approach adds some inconsistency but until we have a login picker in the auth dialog (
bug 227632), I don't think we will want much looser searches anyways.
MozReview-Commit-ID: GgMCAwKdhl1
--- a/toolkit/components/passwordmgr/nsLoginManagerPrompter.js
+++ b/toolkit/components/passwordmgr/nsLoginManagerPrompter.js
@@ -83,16 +83,20 @@ LoginManagerPromptFactory.prototype = {
}
// If login manger has logins for this host, defer prompting if we're
// already waiting on a master password entry.
var prompt = this._asyncPrompts[hashKey];
var prompter = prompt.prompter;
var [hostname, httpRealm] = prompter._getAuthTarget(prompt.channel, prompt.authInfo);
var hasLogins = (prompter._pwmgr.countLogins(hostname, null, httpRealm) > 0);
+ if (!hasLogins && LoginHelper.schemeUpgrades && hostname.startsWith("https://")) {
+ let httpHostname = hostname.replace(/^https:\/\//, "http://");
+ hasLogins = (prompter._pwmgr.countLogins(httpHostname, null, httpRealm) > 0);
+ }
if (hasLogins && prompter._pwmgr.uiBusy) {
this.log("_doAsyncPrompt:run bypassed, master password UI busy");
return;
}
this._asyncPromptInProgress = true;
prompt.inProgress = true;
@@ -506,31 +510,41 @@ LoginManagerPrompter.prototype = {
*/
promptAuth : function (aChannel, aLevel, aAuthInfo) {
var selectedLogin = null;
var checkbox = { value : false };
var checkboxLabel = null;
var epicfail = false;
var canAutologin = false;
var notifyObj;
+ var foundLogins;
try {
this.log("===== promptAuth called =====");
// If the user submits a login but it fails, we need to remove the
// notification bar that was displayed. Conveniently, the user will
// be prompted for authentication again, which brings us here.
this._removeLoginNotifications();
var [hostname, httpRealm] = this._getAuthTarget(aChannel, aAuthInfo);
// Looks for existing logins to prefill the prompt with.
- var foundLogins = this._pwmgr.findLogins({},
- hostname, null, httpRealm);
- this.log("found " + foundLogins.length + " matching logins.");
+ foundLogins = LoginHelper.searchLoginsWithObject({
+ hostname,
+ httpRealm,
+ schemeUpgrades: LoginHelper.schemeUpgrades,
+ });
+ this.log("found", foundLogins.length, "matching logins.");
+ let resolveBy = [
+ "scheme",
+ "timePasswordChanged",
+ ];
+ foundLogins = LoginHelper.dedupeLogins(foundLogins, ["username"], resolveBy, hostname);
+ this.log(foundLogins.length, "matching logins remain after deduping");
// XXX Can't select from multiple accounts yet. (bug 227632)
if (foundLogins.length > 0) {
selectedLogin = foundLogins[0];
this._SetAuthInfo(aAuthInfo, selectedLogin.username,
selectedLogin.password);
// Allow automatic proxy login