From e9c81334084646c28633d9281c02814fc262bb14 Mon Sep 17 00:00:00 2001 From: Emanuele Feliziani Date: Tue, 31 Oct 2023 08:48:03 +0100 Subject: [PATCH] Re-enable mutObs with better safeguards (#403) * Improve skipping search forms Signed-off-by: Emanuele Feliziani * Limit the upward traversal when searching the form Signed-off-by: Emanuele Feliziani * Fix type Signed-off-by: Emanuele Feliziani * Re-enable the mutation observer within the form Signed-off-by: Emanuele Feliziani * Rename constant Signed-off-by: Emanuele Feliziani * Add comment Signed-off-by: Emanuele Feliziani * Add compiled files Signed-off-by: Emanuele Feliziani * Fix name in test harness Signed-off-by: Emanuele Feliziani * Add comment Signed-off-by: Emanuele Feliziani --------- Signed-off-by: Emanuele Feliziani --- dist/autofill-debug.js | 82 +++++++++++++++---- dist/autofill.js | 82 +++++++++++++++---- integration-test/helpers/harness.js | 4 +- .../tests/mutating-form.macos.spec.js | 2 +- src/Form/Form.js | 59 +++++++++++-- src/Form/Form.test.js | 2 +- .../__generated__/compiled-matching-config.js | 6 +- src/Form/matching-config/selectors-css.js | 17 ++-- src/Form/matching.js | 3 +- src/Form/test-cases/asana_search.html | 32 +++++++- src/Scanner.js | 11 ++- src/constants.js | 2 +- .../Resources/assets/autofill-debug.js | 82 +++++++++++++++---- swift-package/Resources/assets/autofill.js | 82 +++++++++++++++---- 14 files changed, 378 insertions(+), 88 deletions(-) diff --git a/dist/autofill-debug.js b/dist/autofill-debug.js index 5875c2c2a..cd79bd834 100644 --- a/dist/autofill-debug.js +++ b/dist/autofill-debug.js @@ -9437,7 +9437,8 @@ function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { de const { ATTR_AUTOFILL, ATTR_INPUT_TYPE, - MAX_INPUTS_PER_FORM + MAX_INPUTS_PER_FORM, + MAX_FORM_RESCANS } = _constants.constants; class Form { /** @type {import("../Form/matching").Matching} */ @@ -9485,6 +9486,31 @@ class Form { if (!entry.isIntersecting) this.removeTooltip(); } }); + this.rescanCount = 0; + this.mutObsConfig = { + childList: true, + subtree: true + }; + this.mutObs = new MutationObserver(records => { + const anythingRemoved = records.some(record => record.removedNodes.length > 0); + if (anythingRemoved) { + // Ensure we destroy the form if it's removed from the DOM + if (!this.form.isConnected) { + this.destroy(); + return; + } + // Must check for inputs because a parent may be removed and not show up in record.removedNodes + if ([...this.inputs.all].some(input => !input.isConnected)) { + // This is re-connected in recategorizeAllInputs, disconnecting here to avoid risk of re-work + this.mutObs.disconnect(); + // If any known input has been removed from the DOM, reanalyze the whole form + window.requestIdleCallback(() => { + this.formAnalyzer = new _FormAnalyzer.default(this.form, input, this.matching); + this.recategorizeAllInputs(); + }); + } + } + }); // This ensures we fire the handler again if the form is changed this.addListener(form, 'input', () => { @@ -9703,6 +9729,12 @@ class Form { * Resets our input scoring and starts from scratch */ recategorizeAllInputs() { + // If the form mutates too much, disconnect to avoid performance issues + if (this.rescanCount >= MAX_FORM_RESCANS) { + this.mutObs.disconnect(); + return; + } + this.rescanCount++; this.initialScanComplete = false; this.removeAllDecorations(); this.forgetAllInputs(); @@ -9721,11 +9753,13 @@ class Form { } // This removes all listeners to avoid memory leaks and weird behaviours destroy() { + this.mutObs.disconnect(); this.removeAllDecorations(); this.removeTooltip(); this.forgetAllInputs(); this.matching.clear(); this.intObs = null; + this.device.scanner.forms.delete(this.form); } categorizeInputs() { const selector = this.matching.cssSelector('formInputsSelector'); @@ -9740,12 +9774,17 @@ class Form { if (foundInputs.length < MAX_INPUTS_PER_FORM) { foundInputs.forEach(input => this.addInput(input)); } else { - if ((0, _autofillUtils.shouldLog)()) { - console.log('The form has too many inputs, bailing.'); - } + // This is rather extreme, but better safe than sorry + this.device.scanner.stopScanner('The form has too many inputs, bailing.'); + return; } } this.initialScanComplete = true; + + // Observe only if the container isn't the body, to avoid performance overloads + if (this.form !== document.body) { + this.mutObs.observe(this.form, this.mutObsConfig); + } } get submitButtons() { const selector = this.matching.cssSelector('submitButtonSelector'); @@ -9798,10 +9837,14 @@ class Form { // If the form has too many inputs, destroy everything to avoid performance issues if (this.inputs.all.size > MAX_INPUTS_PER_FORM) { - if ((0, _autofillUtils.shouldLog)()) { - console.log('The form has too many inputs, destroying.'); - } - this.destroy(); + this.device.scanner.stopScanner('The form has too many inputs, destroying.'); + return this; + } + + // When new inputs are added after the initial scan, reanalyze the whole form + if (this.initialScanComplete && this.rescanCount < MAX_FORM_RESCANS) { + this.formAnalyzer = new _FormAnalyzer.default(this.form, input, this.matching); + this.recategorizeAllInputs(); return this; } @@ -12026,12 +12069,12 @@ const matchingConfiguration = exports.matchingConfiguration = { strategies: { cssSelector: { selectors: { - genericTextField: 'input:not([type=button]):not([type=checkbox]):not([type=color]):not([type=date]):not([type=datetime-local]):not([type=datetime]):not([type=file]):not([type=hidden]):not([type=month]):not([type=number]):not([type=radio]):not([type=range]):not([type=reset]):not([type=search]):not([type=submit]):not([type=time]):not([type=url]):not([type=week])', + genericTextField: 'input:not([type=button]):not([type=checkbox]):not([type=color]):not([type=file]):not([type=hidden]):not([type=radio]):not([type=range]):not([type=reset]):not([type=image]):not([type=search]):not([type=submit]):not([type=time]):not([type=url]):not([type=week]):not([name^=fake i]):not([data-description^=dummy i]):not([name*=otp]):not([autocomplete="fake"]):not([placeholder^=search i]):not([type=date]):not([type=datetime-local]):not([type=datetime]):not([type=month])', submitButtonSelector: 'input[type=submit], input[type=button], input[type=image], button:not([role=switch]):not([role=link]), [role=button], a[href="#"][id*=button i], a[href="#"][id*=btn i]', - formInputsSelector: 'input:not([type=submit]):not([type=button]):not([type=checkbox]):not([type=radio]):not([type=hidden]):not([type=file]):not([type=search]):not([type=reset]):not([type=image]):not([name^=fake i]):not([data-description^=dummy i]):not([name*=otp]):not([autocomplete="fake"]), [autocomplete=username], select', + formInputsSelector: 'input:not([type=button]):not([type=checkbox]):not([type=color]):not([type=file]):not([type=hidden]):not([type=radio]):not([type=range]):not([type=reset]):not([type=image]):not([type=search]):not([type=submit]):not([type=time]):not([type=url]):not([type=week]):not([name^=fake i]):not([data-description^=dummy i]):not([name*=otp]):not([autocomplete="fake"]):not([placeholder^=search i]):not([type=date]):not([type=datetime-local]):not([type=datetime]):not([type=month]),[autocomplete=username],select', safeUniversalSelector: '*:not(select):not(option):not(script):not(noscript):not(style):not(br)', emailAddress: 'input:not([type])[name*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]):not([name*=code i]), input[type=""][name*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]):not([type=tel]), input[type=text][name*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]):not([name*=title i]):not([name*=tab i]):not([name*=code i]), input:not([type])[placeholder*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]):not([name*=code i]), input[type=text][placeholder*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]), input[type=""][placeholder*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]), input[type=email], input[type=text][aria-label*=email i]:not([aria-label*=search i]), input:not([type])[aria-label*=email i]:not([aria-label*=search i]), input[name=username][type=email], input[autocomplete=username][type=email], input[autocomplete=username][placeholder*=email i], input[autocomplete=email],input[name="mail_tel" i],input[value=email i]', - username: 'input:not([type=button]):not([type=checkbox]):not([type=color]):not([type=date]):not([type=datetime-local]):not([type=datetime]):not([type=file]):not([type=hidden]):not([type=month]):not([type=number]):not([type=radio]):not([type=range]):not([type=reset]):not([type=search]):not([type=submit]):not([type=time]):not([type=url]):not([type=week])[autocomplete^=user i],input[name=username i],input[name="loginId" i],input[name="userid" i],input[id="userid" i],input[name="user_id" i],input[name="user-id" i],input[id="login-id" i],input[id="login_id" i],input[id="loginid" i],input[name="login" i],input[name=accountname i],input[autocomplete=username i],input[name*=accountid i],input[name="j_username" i],input[id="j_username" i],input[name="uwinid" i],input[name="livedoor_id" i],input[name="ssousername" i],input[name="j_userlogin_pwd" i],input[name="user[login]" i],input[name="user" i],input[name$="_username" i],input[id="lmSsoinput" i],input[name="account_subdomain" i],input[name="masterid" i],input[name="tridField" i],input[id="signInName" i],input[id="w3c_accountsbundle_accountrequeststep1_login" i],input[id="username" i],input[name="_user" i],input[name="login_username" i],input[name^="login-user-account" i],input[id="loginusuario" i],input[name="usuario" i],input[id="UserLoginFormUsername" i],input[id="nw_username" i],input[can-field="accountName"],input[placeholder^="username" i]', + username: 'input:not([type=button]):not([type=checkbox]):not([type=color]):not([type=file]):not([type=hidden]):not([type=radio]):not([type=range]):not([type=reset]):not([type=image]):not([type=search]):not([type=submit]):not([type=time]):not([type=url]):not([type=week]):not([name^=fake i]):not([data-description^=dummy i]):not([name*=otp]):not([autocomplete="fake"]):not([placeholder^=search i]):not([type=date]):not([type=datetime-local]):not([type=datetime]):not([type=month])[autocomplete^=user i],input[name=username i],input[name="loginId" i],input[name="userid" i],input[id="userid" i],input[name="user_id" i],input[name="user-id" i],input[id="login-id" i],input[id="login_id" i],input[id="loginid" i],input[name="login" i],input[name=accountname i],input[autocomplete=username i],input[name*=accountid i],input[name="j_username" i],input[id="j_username" i],input[name="uwinid" i],input[name="livedoor_id" i],input[name="ssousername" i],input[name="j_userlogin_pwd" i],input[name="user[login]" i],input[name="user" i],input[name$="_username" i],input[id="lmSsoinput" i],input[name="account_subdomain" i],input[name="masterid" i],input[name="tridField" i],input[id="signInName" i],input[id="w3c_accountsbundle_accountrequeststep1_login" i],input[id="username" i],input[name="_user" i],input[name="login_username" i],input[name^="login-user-account" i],input[id="loginusuario" i],input[name="usuario" i],input[id="UserLoginFormUsername" i],input[id="nw_username" i],input[can-field="accountName"],input[placeholder^="username" i]', password: 'input[type=password]:not([autocomplete*=cc]):not([autocomplete=one-time-code]):not([name*=answer i]):not([name*=mfa i]):not([name*=tin i]):not([name*=card i]):not([name*=cvv i]),input.js-cloudsave-phrase', cardName: 'input[autocomplete="cc-name" i], input[autocomplete="ccname" i], input[name="ccname" i], input[name="cc-name" i], input[name="ppw-accountHolderName" i], input[id*=cardname i], input[id*=card-name i], input[id*=card_name i]', cardNumber: 'input[autocomplete="cc-number" i], input[autocomplete="ccnumber" i], input[autocomplete="cardnumber" i], input[autocomplete="card-number" i], input[name="ccnumber" i], input[name="cc-number" i], input[name*=card i][name*=number i], input[name*=cardnumber i], input[id*=cardnumber i], input[id*=card-number i], input[id*=card_number i]', @@ -13087,7 +13130,8 @@ function getInputSubtype(input) { */ const removeExcessWhitespace = function () { let string = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : ''; - if (!string) return ''; + // The length check is extra safety to avoid trimming strings that would be discarded anyway + if (!string || string.length > TEXT_LENGTH_CUTOFF + 50) return ''; return string.replace(/\n/g, ' ').replace(/\s{2,}/g, ' ').trim(); }; @@ -13653,6 +13697,7 @@ const { * findEligibleInputs(context): Scanner; * matching: import("./Form/matching").Matching; * options: ScannerOptions; + * stopScanner: (reason: string, ...rest: any) => void; * }} Scanner * * @typedef {{ @@ -13794,7 +13839,7 @@ class DefaultScanner { /** * Stops scanning, switches off the mutation observer and clears all forms * @param {string} reason - * @param {...any} rest + * @param {any} rest */ stopScanner(reason) { this.stopped = true; @@ -13835,9 +13880,15 @@ class DefaultScanner { } } } + + /** + * Max number of nodes we want to traverse upwards, critical to avoid enclosing large portions of the DOM + * @type {number} + */ + let traversalLayerCount = 0; let element = input; // traverse the DOM to search for related inputs - while (element.parentElement && element.parentElement !== document.documentElement) { + while (traversalLayerCount <= 5 && element.parentElement && element.parentElement !== document.documentElement) { // Avoid overlapping containers or forms const siblingForm = element.parentElement?.querySelector('form'); if (siblingForm && siblingForm !== element) { @@ -13851,6 +13902,7 @@ class DefaultScanner { // found related input, return common ancestor return element; } + traversalLayerCount++; } return input; } @@ -16560,7 +16612,7 @@ const constants = exports.constants = { MAX_INPUTS_PER_PAGE: 100, MAX_FORMS_PER_PAGE: 30, MAX_INPUTS_PER_FORM: 80, - MAX_FORM_MUT_OBS_COUNT: 50 + MAX_FORM_RESCANS: 50 }; },{}],65:[function(require,module,exports){ diff --git a/dist/autofill.js b/dist/autofill.js index f8f022768..a517dd179 100644 --- a/dist/autofill.js +++ b/dist/autofill.js @@ -5492,7 +5492,8 @@ function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { de const { ATTR_AUTOFILL, ATTR_INPUT_TYPE, - MAX_INPUTS_PER_FORM + MAX_INPUTS_PER_FORM, + MAX_FORM_RESCANS } = _constants.constants; class Form { /** @type {import("../Form/matching").Matching} */ @@ -5540,6 +5541,31 @@ class Form { if (!entry.isIntersecting) this.removeTooltip(); } }); + this.rescanCount = 0; + this.mutObsConfig = { + childList: true, + subtree: true + }; + this.mutObs = new MutationObserver(records => { + const anythingRemoved = records.some(record => record.removedNodes.length > 0); + if (anythingRemoved) { + // Ensure we destroy the form if it's removed from the DOM + if (!this.form.isConnected) { + this.destroy(); + return; + } + // Must check for inputs because a parent may be removed and not show up in record.removedNodes + if ([...this.inputs.all].some(input => !input.isConnected)) { + // This is re-connected in recategorizeAllInputs, disconnecting here to avoid risk of re-work + this.mutObs.disconnect(); + // If any known input has been removed from the DOM, reanalyze the whole form + window.requestIdleCallback(() => { + this.formAnalyzer = new _FormAnalyzer.default(this.form, input, this.matching); + this.recategorizeAllInputs(); + }); + } + } + }); // This ensures we fire the handler again if the form is changed this.addListener(form, 'input', () => { @@ -5758,6 +5784,12 @@ class Form { * Resets our input scoring and starts from scratch */ recategorizeAllInputs() { + // If the form mutates too much, disconnect to avoid performance issues + if (this.rescanCount >= MAX_FORM_RESCANS) { + this.mutObs.disconnect(); + return; + } + this.rescanCount++; this.initialScanComplete = false; this.removeAllDecorations(); this.forgetAllInputs(); @@ -5776,11 +5808,13 @@ class Form { } // This removes all listeners to avoid memory leaks and weird behaviours destroy() { + this.mutObs.disconnect(); this.removeAllDecorations(); this.removeTooltip(); this.forgetAllInputs(); this.matching.clear(); this.intObs = null; + this.device.scanner.forms.delete(this.form); } categorizeInputs() { const selector = this.matching.cssSelector('formInputsSelector'); @@ -5795,12 +5829,17 @@ class Form { if (foundInputs.length < MAX_INPUTS_PER_FORM) { foundInputs.forEach(input => this.addInput(input)); } else { - if ((0, _autofillUtils.shouldLog)()) { - console.log('The form has too many inputs, bailing.'); - } + // This is rather extreme, but better safe than sorry + this.device.scanner.stopScanner('The form has too many inputs, bailing.'); + return; } } this.initialScanComplete = true; + + // Observe only if the container isn't the body, to avoid performance overloads + if (this.form !== document.body) { + this.mutObs.observe(this.form, this.mutObsConfig); + } } get submitButtons() { const selector = this.matching.cssSelector('submitButtonSelector'); @@ -5853,10 +5892,14 @@ class Form { // If the form has too many inputs, destroy everything to avoid performance issues if (this.inputs.all.size > MAX_INPUTS_PER_FORM) { - if ((0, _autofillUtils.shouldLog)()) { - console.log('The form has too many inputs, destroying.'); - } - this.destroy(); + this.device.scanner.stopScanner('The form has too many inputs, destroying.'); + return this; + } + + // When new inputs are added after the initial scan, reanalyze the whole form + if (this.initialScanComplete && this.rescanCount < MAX_FORM_RESCANS) { + this.formAnalyzer = new _FormAnalyzer.default(this.form, input, this.matching); + this.recategorizeAllInputs(); return this; } @@ -8081,12 +8124,12 @@ const matchingConfiguration = exports.matchingConfiguration = { strategies: { cssSelector: { selectors: { - genericTextField: 'input:not([type=button]):not([type=checkbox]):not([type=color]):not([type=date]):not([type=datetime-local]):not([type=datetime]):not([type=file]):not([type=hidden]):not([type=month]):not([type=number]):not([type=radio]):not([type=range]):not([type=reset]):not([type=search]):not([type=submit]):not([type=time]):not([type=url]):not([type=week])', + genericTextField: 'input:not([type=button]):not([type=checkbox]):not([type=color]):not([type=file]):not([type=hidden]):not([type=radio]):not([type=range]):not([type=reset]):not([type=image]):not([type=search]):not([type=submit]):not([type=time]):not([type=url]):not([type=week]):not([name^=fake i]):not([data-description^=dummy i]):not([name*=otp]):not([autocomplete="fake"]):not([placeholder^=search i]):not([type=date]):not([type=datetime-local]):not([type=datetime]):not([type=month])', submitButtonSelector: 'input[type=submit], input[type=button], input[type=image], button:not([role=switch]):not([role=link]), [role=button], a[href="#"][id*=button i], a[href="#"][id*=btn i]', - formInputsSelector: 'input:not([type=submit]):not([type=button]):not([type=checkbox]):not([type=radio]):not([type=hidden]):not([type=file]):not([type=search]):not([type=reset]):not([type=image]):not([name^=fake i]):not([data-description^=dummy i]):not([name*=otp]):not([autocomplete="fake"]), [autocomplete=username], select', + formInputsSelector: 'input:not([type=button]):not([type=checkbox]):not([type=color]):not([type=file]):not([type=hidden]):not([type=radio]):not([type=range]):not([type=reset]):not([type=image]):not([type=search]):not([type=submit]):not([type=time]):not([type=url]):not([type=week]):not([name^=fake i]):not([data-description^=dummy i]):not([name*=otp]):not([autocomplete="fake"]):not([placeholder^=search i]):not([type=date]):not([type=datetime-local]):not([type=datetime]):not([type=month]),[autocomplete=username],select', safeUniversalSelector: '*:not(select):not(option):not(script):not(noscript):not(style):not(br)', emailAddress: 'input:not([type])[name*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]):not([name*=code i]), input[type=""][name*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]):not([type=tel]), input[type=text][name*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]):not([name*=title i]):not([name*=tab i]):not([name*=code i]), input:not([type])[placeholder*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]):not([name*=code i]), input[type=text][placeholder*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]), input[type=""][placeholder*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]), input[type=email], input[type=text][aria-label*=email i]:not([aria-label*=search i]), input:not([type])[aria-label*=email i]:not([aria-label*=search i]), input[name=username][type=email], input[autocomplete=username][type=email], input[autocomplete=username][placeholder*=email i], input[autocomplete=email],input[name="mail_tel" i],input[value=email i]', - username: 'input:not([type=button]):not([type=checkbox]):not([type=color]):not([type=date]):not([type=datetime-local]):not([type=datetime]):not([type=file]):not([type=hidden]):not([type=month]):not([type=number]):not([type=radio]):not([type=range]):not([type=reset]):not([type=search]):not([type=submit]):not([type=time]):not([type=url]):not([type=week])[autocomplete^=user i],input[name=username i],input[name="loginId" i],input[name="userid" i],input[id="userid" i],input[name="user_id" i],input[name="user-id" i],input[id="login-id" i],input[id="login_id" i],input[id="loginid" i],input[name="login" i],input[name=accountname i],input[autocomplete=username i],input[name*=accountid i],input[name="j_username" i],input[id="j_username" i],input[name="uwinid" i],input[name="livedoor_id" i],input[name="ssousername" i],input[name="j_userlogin_pwd" i],input[name="user[login]" i],input[name="user" i],input[name$="_username" i],input[id="lmSsoinput" i],input[name="account_subdomain" i],input[name="masterid" i],input[name="tridField" i],input[id="signInName" i],input[id="w3c_accountsbundle_accountrequeststep1_login" i],input[id="username" i],input[name="_user" i],input[name="login_username" i],input[name^="login-user-account" i],input[id="loginusuario" i],input[name="usuario" i],input[id="UserLoginFormUsername" i],input[id="nw_username" i],input[can-field="accountName"],input[placeholder^="username" i]', + username: 'input:not([type=button]):not([type=checkbox]):not([type=color]):not([type=file]):not([type=hidden]):not([type=radio]):not([type=range]):not([type=reset]):not([type=image]):not([type=search]):not([type=submit]):not([type=time]):not([type=url]):not([type=week]):not([name^=fake i]):not([data-description^=dummy i]):not([name*=otp]):not([autocomplete="fake"]):not([placeholder^=search i]):not([type=date]):not([type=datetime-local]):not([type=datetime]):not([type=month])[autocomplete^=user i],input[name=username i],input[name="loginId" i],input[name="userid" i],input[id="userid" i],input[name="user_id" i],input[name="user-id" i],input[id="login-id" i],input[id="login_id" i],input[id="loginid" i],input[name="login" i],input[name=accountname i],input[autocomplete=username i],input[name*=accountid i],input[name="j_username" i],input[id="j_username" i],input[name="uwinid" i],input[name="livedoor_id" i],input[name="ssousername" i],input[name="j_userlogin_pwd" i],input[name="user[login]" i],input[name="user" i],input[name$="_username" i],input[id="lmSsoinput" i],input[name="account_subdomain" i],input[name="masterid" i],input[name="tridField" i],input[id="signInName" i],input[id="w3c_accountsbundle_accountrequeststep1_login" i],input[id="username" i],input[name="_user" i],input[name="login_username" i],input[name^="login-user-account" i],input[id="loginusuario" i],input[name="usuario" i],input[id="UserLoginFormUsername" i],input[id="nw_username" i],input[can-field="accountName"],input[placeholder^="username" i]', password: 'input[type=password]:not([autocomplete*=cc]):not([autocomplete=one-time-code]):not([name*=answer i]):not([name*=mfa i]):not([name*=tin i]):not([name*=card i]):not([name*=cvv i]),input.js-cloudsave-phrase', cardName: 'input[autocomplete="cc-name" i], input[autocomplete="ccname" i], input[name="ccname" i], input[name="cc-name" i], input[name="ppw-accountHolderName" i], input[id*=cardname i], input[id*=card-name i], input[id*=card_name i]', cardNumber: 'input[autocomplete="cc-number" i], input[autocomplete="ccnumber" i], input[autocomplete="cardnumber" i], input[autocomplete="card-number" i], input[name="ccnumber" i], input[name="cc-number" i], input[name*=card i][name*=number i], input[name*=cardnumber i], input[id*=cardnumber i], input[id*=card-number i], input[id*=card_number i]', @@ -9142,7 +9185,8 @@ function getInputSubtype(input) { */ const removeExcessWhitespace = function () { let string = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : ''; - if (!string) return ''; + // The length check is extra safety to avoid trimming strings that would be discarded anyway + if (!string || string.length > TEXT_LENGTH_CUTOFF + 50) return ''; return string.replace(/\n/g, ' ').replace(/\s{2,}/g, ' ').trim(); }; @@ -9708,6 +9752,7 @@ const { * findEligibleInputs(context): Scanner; * matching: import("./Form/matching").Matching; * options: ScannerOptions; + * stopScanner: (reason: string, ...rest: any) => void; * }} Scanner * * @typedef {{ @@ -9849,7 +9894,7 @@ class DefaultScanner { /** * Stops scanning, switches off the mutation observer and clears all forms * @param {string} reason - * @param {...any} rest + * @param {any} rest */ stopScanner(reason) { this.stopped = true; @@ -9890,9 +9935,15 @@ class DefaultScanner { } } } + + /** + * Max number of nodes we want to traverse upwards, critical to avoid enclosing large portions of the DOM + * @type {number} + */ + let traversalLayerCount = 0; let element = input; // traverse the DOM to search for related inputs - while (element.parentElement && element.parentElement !== document.documentElement) { + while (traversalLayerCount <= 5 && element.parentElement && element.parentElement !== document.documentElement) { // Avoid overlapping containers or forms const siblingForm = element.parentElement?.querySelector('form'); if (siblingForm && siblingForm !== element) { @@ -9906,6 +9957,7 @@ class DefaultScanner { // found related input, return common ancestor return element; } + traversalLayerCount++; } return input; } @@ -12615,7 +12667,7 @@ const constants = exports.constants = { MAX_INPUTS_PER_PAGE: 100, MAX_FORMS_PER_PAGE: 30, MAX_INPUTS_PER_FORM: 80, - MAX_FORM_MUT_OBS_COUNT: 50 + MAX_FORM_RESCANS: 50 }; },{}],55:[function(require,module,exports){ diff --git a/integration-test/helpers/harness.js b/integration-test/helpers/harness.js index d19401866..05e71d9a1 100644 --- a/integration-test/helpers/harness.js +++ b/integration-test/helpers/harness.js @@ -41,7 +41,7 @@ export async function withEmailProtectionExtensionSignedInAs (page, username) { * MAX_INPUTS_PER_PAGE: number, * MAX_FORMS_PER_PAGE: number, * MAX_INPUTS_PER_FORM: number, - * MAX_FORM_MUT_OBS_COUNT: number + * MAX_FORM_RESCANS: number * }} [p.constants] * @return {Promise} */ @@ -115,7 +115,7 @@ export function createAutofillScript () { MAX_INPUTS_PER_PAGE: 100, MAX_FORMS_PER_PAGE: 30, MAX_INPUTS_PER_FORM: 80, - MAX_FORM_MUT_OBS_COUNT: 50 + MAX_FORM_RESCANS: 50 } /** @type {ScriptBuilder} */ diff --git a/integration-test/tests/mutating-form.macos.spec.js b/integration-test/tests/mutating-form.macos.spec.js index 6dc29ad84..3451cdd37 100644 --- a/integration-test/tests/mutating-form.macos.spec.js +++ b/integration-test/tests/mutating-form.macos.spec.js @@ -8,7 +8,7 @@ import {test as base} from '@playwright/test' */ const test = base.extend({}) -test.describe.skip('Mutating form page', () => { +test.describe('Mutating form page', () => { async function applyScript (page) { await createAutofillScript() .replaceAll(macosContentScopeReplacements()) diff --git a/src/Form/Form.js b/src/Form/Form.js index 7b22a877b..9b771710b 100644 --- a/src/Form/Form.js +++ b/src/Form/Form.js @@ -26,7 +26,8 @@ import {constants} from '../constants.js' const { ATTR_AUTOFILL, ATTR_INPUT_TYPE, - MAX_INPUTS_PER_FORM + MAX_INPUTS_PER_FORM, + MAX_FORM_RESCANS } = constants class Form { @@ -76,6 +77,31 @@ class Form { } }) + this.rescanCount = 0 + this.mutObsConfig = { childList: true, subtree: true } + this.mutObs = new MutationObserver( + (records) => { + const anythingRemoved = records.some(record => record.removedNodes.length > 0) + if (anythingRemoved) { + // Ensure we destroy the form if it's removed from the DOM + if (!this.form.isConnected) { + this.destroy() + return + } + // Must check for inputs because a parent may be removed and not show up in record.removedNodes + if ([...this.inputs.all].some(input => !input.isConnected)) { + // This is re-connected in recategorizeAllInputs, disconnecting here to avoid risk of re-work + this.mutObs.disconnect() + // If any known input has been removed from the DOM, reanalyze the whole form + window.requestIdleCallback(() => { + this.formAnalyzer = new FormAnalyzer(this.form, input, this.matching) + this.recategorizeAllInputs() + }) + } + } + } + ) + // This ensures we fire the handler again if the form is changed this.addListener(form, 'input', () => { if (!this.isAutofilling) { @@ -309,6 +335,12 @@ class Form { * Resets our input scoring and starts from scratch */ recategorizeAllInputs () { + // If the form mutates too much, disconnect to avoid performance issues + if (this.rescanCount >= MAX_FORM_RESCANS) { + this.mutObs.disconnect() + return + } + this.rescanCount++ this.initialScanComplete = false this.removeAllDecorations() this.forgetAllInputs() @@ -327,11 +359,13 @@ class Form { } // This removes all listeners to avoid memory leaks and weird behaviours destroy () { + this.mutObs.disconnect() this.removeAllDecorations() this.removeTooltip() this.forgetAllInputs() this.matching.clear() this.intObs = null + this.device.scanner.forms.delete(this.form) } categorizeInputs () { @@ -347,12 +381,17 @@ class Form { if (foundInputs.length < MAX_INPUTS_PER_FORM) { foundInputs.forEach(input => this.addInput(input)) } else { - if (shouldLog()) { - console.log('The form has too many inputs, bailing.') - } + // This is rather extreme, but better safe than sorry + this.device.scanner.stopScanner('The form has too many inputs, bailing.') + return } } this.initialScanComplete = true + + // Observe only if the container isn't the body, to avoid performance overloads + if (this.form !== document.body) { + this.mutObs.observe(this.form, this.mutObsConfig) + } } get submitButtons () { @@ -410,10 +449,14 @@ class Form { // If the form has too many inputs, destroy everything to avoid performance issues if (this.inputs.all.size > MAX_INPUTS_PER_FORM) { - if (shouldLog()) { - console.log('The form has too many inputs, destroying.') - } - this.destroy() + this.device.scanner.stopScanner('The form has too many inputs, destroying.') + return this + } + + // When new inputs are added after the initial scan, reanalyze the whole form + if (this.initialScanComplete && this.rescanCount < MAX_FORM_RESCANS) { + this.formAnalyzer = new FormAnalyzer(this.form, input, this.matching) + this.recategorizeAllInputs() return this } diff --git a/src/Form/Form.test.js b/src/Form/Form.test.js index fb7e06c86..f2df479d3 100644 --- a/src/Form/Form.test.js +++ b/src/Form/Form.test.js @@ -380,7 +380,7 @@ describe('Form bails', () => { beforeEach(() => { document.body.innerHTML = '' }) - test('when it has too many fields', async () => { + test('when it has too many fields on load', async () => { const formEl = attachAndReturnGenericForm() for (let i = 0; i <= constants.MAX_INPUTS_PER_FORM + 10; i++) { const input = document.createElement('input') diff --git a/src/Form/matching-config/__generated__/compiled-matching-config.js b/src/Form/matching-config/__generated__/compiled-matching-config.js index 363cf4522..bb768c2a7 100644 --- a/src/Form/matching-config/__generated__/compiled-matching-config.js +++ b/src/Form/matching-config/__generated__/compiled-matching-config.js @@ -203,12 +203,12 @@ const matchingConfiguration = { strategies: { cssSelector: { selectors: { - genericTextField: 'input:not([type=button]):not([type=checkbox]):not([type=color]):not([type=date]):not([type=datetime-local]):not([type=datetime]):not([type=file]):not([type=hidden]):not([type=month]):not([type=number]):not([type=radio]):not([type=range]):not([type=reset]):not([type=search]):not([type=submit]):not([type=time]):not([type=url]):not([type=week])', + genericTextField: 'input:not([type=button]):not([type=checkbox]):not([type=color]):not([type=file]):not([type=hidden]):not([type=radio]):not([type=range]):not([type=reset]):not([type=image]):not([type=search]):not([type=submit]):not([type=time]):not([type=url]):not([type=week]):not([name^=fake i]):not([data-description^=dummy i]):not([name*=otp]):not([autocomplete="fake"]):not([placeholder^=search i]):not([type=date]):not([type=datetime-local]):not([type=datetime]):not([type=month])', submitButtonSelector: 'input[type=submit], input[type=button], input[type=image], button:not([role=switch]):not([role=link]), [role=button], a[href="#"][id*=button i], a[href="#"][id*=btn i]', - formInputsSelector: 'input:not([type=submit]):not([type=button]):not([type=checkbox]):not([type=radio]):not([type=hidden]):not([type=file]):not([type=search]):not([type=reset]):not([type=image]):not([name^=fake i]):not([data-description^=dummy i]):not([name*=otp]):not([autocomplete="fake"]), [autocomplete=username], select', + formInputsSelector: 'input:not([type=button]):not([type=checkbox]):not([type=color]):not([type=file]):not([type=hidden]):not([type=radio]):not([type=range]):not([type=reset]):not([type=image]):not([type=search]):not([type=submit]):not([type=time]):not([type=url]):not([type=week]):not([name^=fake i]):not([data-description^=dummy i]):not([name*=otp]):not([autocomplete="fake"]):not([placeholder^=search i]):not([type=date]):not([type=datetime-local]):not([type=datetime]):not([type=month]),[autocomplete=username],select', safeUniversalSelector: '*:not(select):not(option):not(script):not(noscript):not(style):not(br)', emailAddress: 'input:not([type])[name*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]):not([name*=code i]), input[type=""][name*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]):not([type=tel]), input[type=text][name*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]):not([name*=title i]):not([name*=tab i]):not([name*=code i]), input:not([type])[placeholder*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]):not([name*=code i]), input[type=text][placeholder*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]), input[type=""][placeholder*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]), input[type=email], input[type=text][aria-label*=email i]:not([aria-label*=search i]), input:not([type])[aria-label*=email i]:not([aria-label*=search i]), input[name=username][type=email], input[autocomplete=username][type=email], input[autocomplete=username][placeholder*=email i], input[autocomplete=email],input[name="mail_tel" i],input[value=email i]', - username: 'input:not([type=button]):not([type=checkbox]):not([type=color]):not([type=date]):not([type=datetime-local]):not([type=datetime]):not([type=file]):not([type=hidden]):not([type=month]):not([type=number]):not([type=radio]):not([type=range]):not([type=reset]):not([type=search]):not([type=submit]):not([type=time]):not([type=url]):not([type=week])[autocomplete^=user i],input[name=username i],input[name="loginId" i],input[name="userid" i],input[id="userid" i],input[name="user_id" i],input[name="user-id" i],input[id="login-id" i],input[id="login_id" i],input[id="loginid" i],input[name="login" i],input[name=accountname i],input[autocomplete=username i],input[name*=accountid i],input[name="j_username" i],input[id="j_username" i],input[name="uwinid" i],input[name="livedoor_id" i],input[name="ssousername" i],input[name="j_userlogin_pwd" i],input[name="user[login]" i],input[name="user" i],input[name$="_username" i],input[id="lmSsoinput" i],input[name="account_subdomain" i],input[name="masterid" i],input[name="tridField" i],input[id="signInName" i],input[id="w3c_accountsbundle_accountrequeststep1_login" i],input[id="username" i],input[name="_user" i],input[name="login_username" i],input[name^="login-user-account" i],input[id="loginusuario" i],input[name="usuario" i],input[id="UserLoginFormUsername" i],input[id="nw_username" i],input[can-field="accountName"],input[placeholder^="username" i]', + username: 'input:not([type=button]):not([type=checkbox]):not([type=color]):not([type=file]):not([type=hidden]):not([type=radio]):not([type=range]):not([type=reset]):not([type=image]):not([type=search]):not([type=submit]):not([type=time]):not([type=url]):not([type=week]):not([name^=fake i]):not([data-description^=dummy i]):not([name*=otp]):not([autocomplete="fake"]):not([placeholder^=search i]):not([type=date]):not([type=datetime-local]):not([type=datetime]):not([type=month])[autocomplete^=user i],input[name=username i],input[name="loginId" i],input[name="userid" i],input[id="userid" i],input[name="user_id" i],input[name="user-id" i],input[id="login-id" i],input[id="login_id" i],input[id="loginid" i],input[name="login" i],input[name=accountname i],input[autocomplete=username i],input[name*=accountid i],input[name="j_username" i],input[id="j_username" i],input[name="uwinid" i],input[name="livedoor_id" i],input[name="ssousername" i],input[name="j_userlogin_pwd" i],input[name="user[login]" i],input[name="user" i],input[name$="_username" i],input[id="lmSsoinput" i],input[name="account_subdomain" i],input[name="masterid" i],input[name="tridField" i],input[id="signInName" i],input[id="w3c_accountsbundle_accountrequeststep1_login" i],input[id="username" i],input[name="_user" i],input[name="login_username" i],input[name^="login-user-account" i],input[id="loginusuario" i],input[name="usuario" i],input[id="UserLoginFormUsername" i],input[id="nw_username" i],input[can-field="accountName"],input[placeholder^="username" i]', password: 'input[type=password]:not([autocomplete*=cc]):not([autocomplete=one-time-code]):not([name*=answer i]):not([name*=mfa i]):not([name*=tin i]):not([name*=card i]):not([name*=cvv i]),input.js-cloudsave-phrase', cardName: 'input[autocomplete="cc-name" i], input[autocomplete="ccname" i], input[name="ccname" i], input[name="cc-name" i], input[name="ppw-accountHolderName" i], input[id*=cardname i], input[id*=card-name i], input[id*=card_name i]', cardNumber: 'input[autocomplete="cc-number" i], input[autocomplete="ccnumber" i], input[autocomplete="cardnumber" i], input[autocomplete="card-number" i], input[name="ccnumber" i], input[name="cc-number" i], input[name*=card i][name*=number i], input[name*=cardnumber i], input[id*=cardnumber i], input[id*=card-number i], input[id*=card_number i]', diff --git a/src/Form/matching-config/selectors-css.js b/src/Form/matching-config/selectors-css.js index 1ee3d08c7..e567afdf7 100644 --- a/src/Form/matching-config/selectors-css.js +++ b/src/Form/matching-config/selectors-css.js @@ -1,7 +1,12 @@ -const formInputsSelector = ` -input:not([type=submit]):not([type=button]):not([type=checkbox]):not([type=radio]):not([type=hidden]):not([type=file]):not([type=search]):not([type=reset]):not([type=image]):not([name^=fake i]):not([data-description^=dummy i]):not([name*=otp]):not([autocomplete="fake"]), -[autocomplete=username], -select` +// We've seen non-standard types like 'user'. This selector should get them, too +const genericTextField = ` +input:not([type=button]):not([type=checkbox]):not([type=color]):not([type=file]):not([type=hidden]):not([type=radio]):not([type=range]):not([type=reset]):not([type=image]):not([type=search]):not([type=submit]):not([type=time]):not([type=url]):not([type=week]):not([name^=fake i]):not([data-description^=dummy i]):not([name*=otp]):not([autocomplete="fake"]):not([placeholder^=search i]):not([type=date]):not([type=datetime-local]):not([type=datetime]):not([type=month])` + +const formInputsSelector = [ + genericTextField, + '[autocomplete=username]', + 'select' +] const submitButtonSelector = ` input[type=submit], @@ -14,10 +19,6 @@ a[href="#"][id*=btn i]` const safeUniversalSelector = '*:not(select):not(option):not(script):not(noscript):not(style):not(br)' -// We've seen non-standard types like 'user'. This selector should get them, too -const genericTextField = ` -input:not([type=button]):not([type=checkbox]):not([type=color]):not([type=date]):not([type=datetime-local]):not([type=datetime]):not([type=file]):not([type=hidden]):not([type=month]):not([type=number]):not([type=radio]):not([type=range]):not([type=reset]):not([type=search]):not([type=submit]):not([type=time]):not([type=url]):not([type=week])` - const emailAddress = [ ` input:not([type])[name*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]):not([name*=code i]), diff --git a/src/Form/matching.js b/src/Form/matching.js index 449cd778e..e5fdb6c1f 100644 --- a/src/Form/matching.js +++ b/src/Form/matching.js @@ -759,7 +759,8 @@ function getInputSubtype (input) { * @return {string} */ const removeExcessWhitespace = (string = '') => { - if (!string) return '' + // The length check is extra safety to avoid trimming strings that would be discarded anyway + if (!string || string.length > TEXT_LENGTH_CUTOFF + 50) return '' return (string) .replace(/\n/g, ' ') diff --git a/src/Form/test-cases/asana_search.html b/src/Form/test-cases/asana_search.html index 133e9f19a..78e472264 100644 --- a/src/Form/test-cases/asana_search.html +++ b/src/Form/test-cases/asana_search.html @@ -1,2 +1,32 @@ -
+
+ + +
diff --git a/src/Scanner.js b/src/Scanner.js index 8457e0b55..c4da6f937 100644 --- a/src/Scanner.js +++ b/src/Scanner.js @@ -18,6 +18,7 @@ const { * findEligibleInputs(context): Scanner; * matching: import("./Form/matching").Matching; * options: ScannerOptions; + * stopScanner: (reason: string, ...rest: any) => void; * }} Scanner * * @typedef {{ @@ -151,7 +152,7 @@ class DefaultScanner { /** * Stops scanning, switches off the mutation observer and clears all forms * @param {string} reason - * @param {...any} rest + * @param {any} rest */ stopScanner (reason, ...rest) { this.stopped = true @@ -194,9 +195,14 @@ class DefaultScanner { } } + /** + * Max number of nodes we want to traverse upwards, critical to avoid enclosing large portions of the DOM + * @type {number} + */ + let traversalLayerCount = 0 let element = input // traverse the DOM to search for related inputs - while (element.parentElement && element.parentElement !== document.documentElement) { + while (traversalLayerCount <= 5 && element.parentElement && element.parentElement !== document.documentElement) { // Avoid overlapping containers or forms const siblingForm = element.parentElement?.querySelector('form') if (siblingForm && siblingForm !== element) { @@ -212,6 +218,7 @@ class DefaultScanner { // found related input, return common ancestor return element } + traversalLayerCount++ } return input diff --git a/src/constants.js b/src/constants.js index f8ed71eb2..5c5fbcc8b 100644 --- a/src/constants.js +++ b/src/constants.js @@ -5,5 +5,5 @@ export const constants = { MAX_INPUTS_PER_PAGE: 100, MAX_FORMS_PER_PAGE: 30, MAX_INPUTS_PER_FORM: 80, - MAX_FORM_MUT_OBS_COUNT: 50 + MAX_FORM_RESCANS: 50 } diff --git a/swift-package/Resources/assets/autofill-debug.js b/swift-package/Resources/assets/autofill-debug.js index 5875c2c2a..cd79bd834 100644 --- a/swift-package/Resources/assets/autofill-debug.js +++ b/swift-package/Resources/assets/autofill-debug.js @@ -9437,7 +9437,8 @@ function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { de const { ATTR_AUTOFILL, ATTR_INPUT_TYPE, - MAX_INPUTS_PER_FORM + MAX_INPUTS_PER_FORM, + MAX_FORM_RESCANS } = _constants.constants; class Form { /** @type {import("../Form/matching").Matching} */ @@ -9485,6 +9486,31 @@ class Form { if (!entry.isIntersecting) this.removeTooltip(); } }); + this.rescanCount = 0; + this.mutObsConfig = { + childList: true, + subtree: true + }; + this.mutObs = new MutationObserver(records => { + const anythingRemoved = records.some(record => record.removedNodes.length > 0); + if (anythingRemoved) { + // Ensure we destroy the form if it's removed from the DOM + if (!this.form.isConnected) { + this.destroy(); + return; + } + // Must check for inputs because a parent may be removed and not show up in record.removedNodes + if ([...this.inputs.all].some(input => !input.isConnected)) { + // This is re-connected in recategorizeAllInputs, disconnecting here to avoid risk of re-work + this.mutObs.disconnect(); + // If any known input has been removed from the DOM, reanalyze the whole form + window.requestIdleCallback(() => { + this.formAnalyzer = new _FormAnalyzer.default(this.form, input, this.matching); + this.recategorizeAllInputs(); + }); + } + } + }); // This ensures we fire the handler again if the form is changed this.addListener(form, 'input', () => { @@ -9703,6 +9729,12 @@ class Form { * Resets our input scoring and starts from scratch */ recategorizeAllInputs() { + // If the form mutates too much, disconnect to avoid performance issues + if (this.rescanCount >= MAX_FORM_RESCANS) { + this.mutObs.disconnect(); + return; + } + this.rescanCount++; this.initialScanComplete = false; this.removeAllDecorations(); this.forgetAllInputs(); @@ -9721,11 +9753,13 @@ class Form { } // This removes all listeners to avoid memory leaks and weird behaviours destroy() { + this.mutObs.disconnect(); this.removeAllDecorations(); this.removeTooltip(); this.forgetAllInputs(); this.matching.clear(); this.intObs = null; + this.device.scanner.forms.delete(this.form); } categorizeInputs() { const selector = this.matching.cssSelector('formInputsSelector'); @@ -9740,12 +9774,17 @@ class Form { if (foundInputs.length < MAX_INPUTS_PER_FORM) { foundInputs.forEach(input => this.addInput(input)); } else { - if ((0, _autofillUtils.shouldLog)()) { - console.log('The form has too many inputs, bailing.'); - } + // This is rather extreme, but better safe than sorry + this.device.scanner.stopScanner('The form has too many inputs, bailing.'); + return; } } this.initialScanComplete = true; + + // Observe only if the container isn't the body, to avoid performance overloads + if (this.form !== document.body) { + this.mutObs.observe(this.form, this.mutObsConfig); + } } get submitButtons() { const selector = this.matching.cssSelector('submitButtonSelector'); @@ -9798,10 +9837,14 @@ class Form { // If the form has too many inputs, destroy everything to avoid performance issues if (this.inputs.all.size > MAX_INPUTS_PER_FORM) { - if ((0, _autofillUtils.shouldLog)()) { - console.log('The form has too many inputs, destroying.'); - } - this.destroy(); + this.device.scanner.stopScanner('The form has too many inputs, destroying.'); + return this; + } + + // When new inputs are added after the initial scan, reanalyze the whole form + if (this.initialScanComplete && this.rescanCount < MAX_FORM_RESCANS) { + this.formAnalyzer = new _FormAnalyzer.default(this.form, input, this.matching); + this.recategorizeAllInputs(); return this; } @@ -12026,12 +12069,12 @@ const matchingConfiguration = exports.matchingConfiguration = { strategies: { cssSelector: { selectors: { - genericTextField: 'input:not([type=button]):not([type=checkbox]):not([type=color]):not([type=date]):not([type=datetime-local]):not([type=datetime]):not([type=file]):not([type=hidden]):not([type=month]):not([type=number]):not([type=radio]):not([type=range]):not([type=reset]):not([type=search]):not([type=submit]):not([type=time]):not([type=url]):not([type=week])', + genericTextField: 'input:not([type=button]):not([type=checkbox]):not([type=color]):not([type=file]):not([type=hidden]):not([type=radio]):not([type=range]):not([type=reset]):not([type=image]):not([type=search]):not([type=submit]):not([type=time]):not([type=url]):not([type=week]):not([name^=fake i]):not([data-description^=dummy i]):not([name*=otp]):not([autocomplete="fake"]):not([placeholder^=search i]):not([type=date]):not([type=datetime-local]):not([type=datetime]):not([type=month])', submitButtonSelector: 'input[type=submit], input[type=button], input[type=image], button:not([role=switch]):not([role=link]), [role=button], a[href="#"][id*=button i], a[href="#"][id*=btn i]', - formInputsSelector: 'input:not([type=submit]):not([type=button]):not([type=checkbox]):not([type=radio]):not([type=hidden]):not([type=file]):not([type=search]):not([type=reset]):not([type=image]):not([name^=fake i]):not([data-description^=dummy i]):not([name*=otp]):not([autocomplete="fake"]), [autocomplete=username], select', + formInputsSelector: 'input:not([type=button]):not([type=checkbox]):not([type=color]):not([type=file]):not([type=hidden]):not([type=radio]):not([type=range]):not([type=reset]):not([type=image]):not([type=search]):not([type=submit]):not([type=time]):not([type=url]):not([type=week]):not([name^=fake i]):not([data-description^=dummy i]):not([name*=otp]):not([autocomplete="fake"]):not([placeholder^=search i]):not([type=date]):not([type=datetime-local]):not([type=datetime]):not([type=month]),[autocomplete=username],select', safeUniversalSelector: '*:not(select):not(option):not(script):not(noscript):not(style):not(br)', emailAddress: 'input:not([type])[name*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]):not([name*=code i]), input[type=""][name*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]):not([type=tel]), input[type=text][name*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]):not([name*=title i]):not([name*=tab i]):not([name*=code i]), input:not([type])[placeholder*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]):not([name*=code i]), input[type=text][placeholder*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]), input[type=""][placeholder*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]), input[type=email], input[type=text][aria-label*=email i]:not([aria-label*=search i]), input:not([type])[aria-label*=email i]:not([aria-label*=search i]), input[name=username][type=email], input[autocomplete=username][type=email], input[autocomplete=username][placeholder*=email i], input[autocomplete=email],input[name="mail_tel" i],input[value=email i]', - username: 'input:not([type=button]):not([type=checkbox]):not([type=color]):not([type=date]):not([type=datetime-local]):not([type=datetime]):not([type=file]):not([type=hidden]):not([type=month]):not([type=number]):not([type=radio]):not([type=range]):not([type=reset]):not([type=search]):not([type=submit]):not([type=time]):not([type=url]):not([type=week])[autocomplete^=user i],input[name=username i],input[name="loginId" i],input[name="userid" i],input[id="userid" i],input[name="user_id" i],input[name="user-id" i],input[id="login-id" i],input[id="login_id" i],input[id="loginid" i],input[name="login" i],input[name=accountname i],input[autocomplete=username i],input[name*=accountid i],input[name="j_username" i],input[id="j_username" i],input[name="uwinid" i],input[name="livedoor_id" i],input[name="ssousername" i],input[name="j_userlogin_pwd" i],input[name="user[login]" i],input[name="user" i],input[name$="_username" i],input[id="lmSsoinput" i],input[name="account_subdomain" i],input[name="masterid" i],input[name="tridField" i],input[id="signInName" i],input[id="w3c_accountsbundle_accountrequeststep1_login" i],input[id="username" i],input[name="_user" i],input[name="login_username" i],input[name^="login-user-account" i],input[id="loginusuario" i],input[name="usuario" i],input[id="UserLoginFormUsername" i],input[id="nw_username" i],input[can-field="accountName"],input[placeholder^="username" i]', + username: 'input:not([type=button]):not([type=checkbox]):not([type=color]):not([type=file]):not([type=hidden]):not([type=radio]):not([type=range]):not([type=reset]):not([type=image]):not([type=search]):not([type=submit]):not([type=time]):not([type=url]):not([type=week]):not([name^=fake i]):not([data-description^=dummy i]):not([name*=otp]):not([autocomplete="fake"]):not([placeholder^=search i]):not([type=date]):not([type=datetime-local]):not([type=datetime]):not([type=month])[autocomplete^=user i],input[name=username i],input[name="loginId" i],input[name="userid" i],input[id="userid" i],input[name="user_id" i],input[name="user-id" i],input[id="login-id" i],input[id="login_id" i],input[id="loginid" i],input[name="login" i],input[name=accountname i],input[autocomplete=username i],input[name*=accountid i],input[name="j_username" i],input[id="j_username" i],input[name="uwinid" i],input[name="livedoor_id" i],input[name="ssousername" i],input[name="j_userlogin_pwd" i],input[name="user[login]" i],input[name="user" i],input[name$="_username" i],input[id="lmSsoinput" i],input[name="account_subdomain" i],input[name="masterid" i],input[name="tridField" i],input[id="signInName" i],input[id="w3c_accountsbundle_accountrequeststep1_login" i],input[id="username" i],input[name="_user" i],input[name="login_username" i],input[name^="login-user-account" i],input[id="loginusuario" i],input[name="usuario" i],input[id="UserLoginFormUsername" i],input[id="nw_username" i],input[can-field="accountName"],input[placeholder^="username" i]', password: 'input[type=password]:not([autocomplete*=cc]):not([autocomplete=one-time-code]):not([name*=answer i]):not([name*=mfa i]):not([name*=tin i]):not([name*=card i]):not([name*=cvv i]),input.js-cloudsave-phrase', cardName: 'input[autocomplete="cc-name" i], input[autocomplete="ccname" i], input[name="ccname" i], input[name="cc-name" i], input[name="ppw-accountHolderName" i], input[id*=cardname i], input[id*=card-name i], input[id*=card_name i]', cardNumber: 'input[autocomplete="cc-number" i], input[autocomplete="ccnumber" i], input[autocomplete="cardnumber" i], input[autocomplete="card-number" i], input[name="ccnumber" i], input[name="cc-number" i], input[name*=card i][name*=number i], input[name*=cardnumber i], input[id*=cardnumber i], input[id*=card-number i], input[id*=card_number i]', @@ -13087,7 +13130,8 @@ function getInputSubtype(input) { */ const removeExcessWhitespace = function () { let string = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : ''; - if (!string) return ''; + // The length check is extra safety to avoid trimming strings that would be discarded anyway + if (!string || string.length > TEXT_LENGTH_CUTOFF + 50) return ''; return string.replace(/\n/g, ' ').replace(/\s{2,}/g, ' ').trim(); }; @@ -13653,6 +13697,7 @@ const { * findEligibleInputs(context): Scanner; * matching: import("./Form/matching").Matching; * options: ScannerOptions; + * stopScanner: (reason: string, ...rest: any) => void; * }} Scanner * * @typedef {{ @@ -13794,7 +13839,7 @@ class DefaultScanner { /** * Stops scanning, switches off the mutation observer and clears all forms * @param {string} reason - * @param {...any} rest + * @param {any} rest */ stopScanner(reason) { this.stopped = true; @@ -13835,9 +13880,15 @@ class DefaultScanner { } } } + + /** + * Max number of nodes we want to traverse upwards, critical to avoid enclosing large portions of the DOM + * @type {number} + */ + let traversalLayerCount = 0; let element = input; // traverse the DOM to search for related inputs - while (element.parentElement && element.parentElement !== document.documentElement) { + while (traversalLayerCount <= 5 && element.parentElement && element.parentElement !== document.documentElement) { // Avoid overlapping containers or forms const siblingForm = element.parentElement?.querySelector('form'); if (siblingForm && siblingForm !== element) { @@ -13851,6 +13902,7 @@ class DefaultScanner { // found related input, return common ancestor return element; } + traversalLayerCount++; } return input; } @@ -16560,7 +16612,7 @@ const constants = exports.constants = { MAX_INPUTS_PER_PAGE: 100, MAX_FORMS_PER_PAGE: 30, MAX_INPUTS_PER_FORM: 80, - MAX_FORM_MUT_OBS_COUNT: 50 + MAX_FORM_RESCANS: 50 }; },{}],65:[function(require,module,exports){ diff --git a/swift-package/Resources/assets/autofill.js b/swift-package/Resources/assets/autofill.js index f8f022768..a517dd179 100644 --- a/swift-package/Resources/assets/autofill.js +++ b/swift-package/Resources/assets/autofill.js @@ -5492,7 +5492,8 @@ function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { de const { ATTR_AUTOFILL, ATTR_INPUT_TYPE, - MAX_INPUTS_PER_FORM + MAX_INPUTS_PER_FORM, + MAX_FORM_RESCANS } = _constants.constants; class Form { /** @type {import("../Form/matching").Matching} */ @@ -5540,6 +5541,31 @@ class Form { if (!entry.isIntersecting) this.removeTooltip(); } }); + this.rescanCount = 0; + this.mutObsConfig = { + childList: true, + subtree: true + }; + this.mutObs = new MutationObserver(records => { + const anythingRemoved = records.some(record => record.removedNodes.length > 0); + if (anythingRemoved) { + // Ensure we destroy the form if it's removed from the DOM + if (!this.form.isConnected) { + this.destroy(); + return; + } + // Must check for inputs because a parent may be removed and not show up in record.removedNodes + if ([...this.inputs.all].some(input => !input.isConnected)) { + // This is re-connected in recategorizeAllInputs, disconnecting here to avoid risk of re-work + this.mutObs.disconnect(); + // If any known input has been removed from the DOM, reanalyze the whole form + window.requestIdleCallback(() => { + this.formAnalyzer = new _FormAnalyzer.default(this.form, input, this.matching); + this.recategorizeAllInputs(); + }); + } + } + }); // This ensures we fire the handler again if the form is changed this.addListener(form, 'input', () => { @@ -5758,6 +5784,12 @@ class Form { * Resets our input scoring and starts from scratch */ recategorizeAllInputs() { + // If the form mutates too much, disconnect to avoid performance issues + if (this.rescanCount >= MAX_FORM_RESCANS) { + this.mutObs.disconnect(); + return; + } + this.rescanCount++; this.initialScanComplete = false; this.removeAllDecorations(); this.forgetAllInputs(); @@ -5776,11 +5808,13 @@ class Form { } // This removes all listeners to avoid memory leaks and weird behaviours destroy() { + this.mutObs.disconnect(); this.removeAllDecorations(); this.removeTooltip(); this.forgetAllInputs(); this.matching.clear(); this.intObs = null; + this.device.scanner.forms.delete(this.form); } categorizeInputs() { const selector = this.matching.cssSelector('formInputsSelector'); @@ -5795,12 +5829,17 @@ class Form { if (foundInputs.length < MAX_INPUTS_PER_FORM) { foundInputs.forEach(input => this.addInput(input)); } else { - if ((0, _autofillUtils.shouldLog)()) { - console.log('The form has too many inputs, bailing.'); - } + // This is rather extreme, but better safe than sorry + this.device.scanner.stopScanner('The form has too many inputs, bailing.'); + return; } } this.initialScanComplete = true; + + // Observe only if the container isn't the body, to avoid performance overloads + if (this.form !== document.body) { + this.mutObs.observe(this.form, this.mutObsConfig); + } } get submitButtons() { const selector = this.matching.cssSelector('submitButtonSelector'); @@ -5853,10 +5892,14 @@ class Form { // If the form has too many inputs, destroy everything to avoid performance issues if (this.inputs.all.size > MAX_INPUTS_PER_FORM) { - if ((0, _autofillUtils.shouldLog)()) { - console.log('The form has too many inputs, destroying.'); - } - this.destroy(); + this.device.scanner.stopScanner('The form has too many inputs, destroying.'); + return this; + } + + // When new inputs are added after the initial scan, reanalyze the whole form + if (this.initialScanComplete && this.rescanCount < MAX_FORM_RESCANS) { + this.formAnalyzer = new _FormAnalyzer.default(this.form, input, this.matching); + this.recategorizeAllInputs(); return this; } @@ -8081,12 +8124,12 @@ const matchingConfiguration = exports.matchingConfiguration = { strategies: { cssSelector: { selectors: { - genericTextField: 'input:not([type=button]):not([type=checkbox]):not([type=color]):not([type=date]):not([type=datetime-local]):not([type=datetime]):not([type=file]):not([type=hidden]):not([type=month]):not([type=number]):not([type=radio]):not([type=range]):not([type=reset]):not([type=search]):not([type=submit]):not([type=time]):not([type=url]):not([type=week])', + genericTextField: 'input:not([type=button]):not([type=checkbox]):not([type=color]):not([type=file]):not([type=hidden]):not([type=radio]):not([type=range]):not([type=reset]):not([type=image]):not([type=search]):not([type=submit]):not([type=time]):not([type=url]):not([type=week]):not([name^=fake i]):not([data-description^=dummy i]):not([name*=otp]):not([autocomplete="fake"]):not([placeholder^=search i]):not([type=date]):not([type=datetime-local]):not([type=datetime]):not([type=month])', submitButtonSelector: 'input[type=submit], input[type=button], input[type=image], button:not([role=switch]):not([role=link]), [role=button], a[href="#"][id*=button i], a[href="#"][id*=btn i]', - formInputsSelector: 'input:not([type=submit]):not([type=button]):not([type=checkbox]):not([type=radio]):not([type=hidden]):not([type=file]):not([type=search]):not([type=reset]):not([type=image]):not([name^=fake i]):not([data-description^=dummy i]):not([name*=otp]):not([autocomplete="fake"]), [autocomplete=username], select', + formInputsSelector: 'input:not([type=button]):not([type=checkbox]):not([type=color]):not([type=file]):not([type=hidden]):not([type=radio]):not([type=range]):not([type=reset]):not([type=image]):not([type=search]):not([type=submit]):not([type=time]):not([type=url]):not([type=week]):not([name^=fake i]):not([data-description^=dummy i]):not([name*=otp]):not([autocomplete="fake"]):not([placeholder^=search i]):not([type=date]):not([type=datetime-local]):not([type=datetime]):not([type=month]),[autocomplete=username],select', safeUniversalSelector: '*:not(select):not(option):not(script):not(noscript):not(style):not(br)', emailAddress: 'input:not([type])[name*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]):not([name*=code i]), input[type=""][name*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]):not([type=tel]), input[type=text][name*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]):not([name*=title i]):not([name*=tab i]):not([name*=code i]), input:not([type])[placeholder*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]):not([name*=code i]), input[type=text][placeholder*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]), input[type=""][placeholder*=email i]:not([placeholder*=search i]):not([placeholder*=filter i]):not([placeholder*=subject i]), input[type=email], input[type=text][aria-label*=email i]:not([aria-label*=search i]), input:not([type])[aria-label*=email i]:not([aria-label*=search i]), input[name=username][type=email], input[autocomplete=username][type=email], input[autocomplete=username][placeholder*=email i], input[autocomplete=email],input[name="mail_tel" i],input[value=email i]', - username: 'input:not([type=button]):not([type=checkbox]):not([type=color]):not([type=date]):not([type=datetime-local]):not([type=datetime]):not([type=file]):not([type=hidden]):not([type=month]):not([type=number]):not([type=radio]):not([type=range]):not([type=reset]):not([type=search]):not([type=submit]):not([type=time]):not([type=url]):not([type=week])[autocomplete^=user i],input[name=username i],input[name="loginId" i],input[name="userid" i],input[id="userid" i],input[name="user_id" i],input[name="user-id" i],input[id="login-id" i],input[id="login_id" i],input[id="loginid" i],input[name="login" i],input[name=accountname i],input[autocomplete=username i],input[name*=accountid i],input[name="j_username" i],input[id="j_username" i],input[name="uwinid" i],input[name="livedoor_id" i],input[name="ssousername" i],input[name="j_userlogin_pwd" i],input[name="user[login]" i],input[name="user" i],input[name$="_username" i],input[id="lmSsoinput" i],input[name="account_subdomain" i],input[name="masterid" i],input[name="tridField" i],input[id="signInName" i],input[id="w3c_accountsbundle_accountrequeststep1_login" i],input[id="username" i],input[name="_user" i],input[name="login_username" i],input[name^="login-user-account" i],input[id="loginusuario" i],input[name="usuario" i],input[id="UserLoginFormUsername" i],input[id="nw_username" i],input[can-field="accountName"],input[placeholder^="username" i]', + username: 'input:not([type=button]):not([type=checkbox]):not([type=color]):not([type=file]):not([type=hidden]):not([type=radio]):not([type=range]):not([type=reset]):not([type=image]):not([type=search]):not([type=submit]):not([type=time]):not([type=url]):not([type=week]):not([name^=fake i]):not([data-description^=dummy i]):not([name*=otp]):not([autocomplete="fake"]):not([placeholder^=search i]):not([type=date]):not([type=datetime-local]):not([type=datetime]):not([type=month])[autocomplete^=user i],input[name=username i],input[name="loginId" i],input[name="userid" i],input[id="userid" i],input[name="user_id" i],input[name="user-id" i],input[id="login-id" i],input[id="login_id" i],input[id="loginid" i],input[name="login" i],input[name=accountname i],input[autocomplete=username i],input[name*=accountid i],input[name="j_username" i],input[id="j_username" i],input[name="uwinid" i],input[name="livedoor_id" i],input[name="ssousername" i],input[name="j_userlogin_pwd" i],input[name="user[login]" i],input[name="user" i],input[name$="_username" i],input[id="lmSsoinput" i],input[name="account_subdomain" i],input[name="masterid" i],input[name="tridField" i],input[id="signInName" i],input[id="w3c_accountsbundle_accountrequeststep1_login" i],input[id="username" i],input[name="_user" i],input[name="login_username" i],input[name^="login-user-account" i],input[id="loginusuario" i],input[name="usuario" i],input[id="UserLoginFormUsername" i],input[id="nw_username" i],input[can-field="accountName"],input[placeholder^="username" i]', password: 'input[type=password]:not([autocomplete*=cc]):not([autocomplete=one-time-code]):not([name*=answer i]):not([name*=mfa i]):not([name*=tin i]):not([name*=card i]):not([name*=cvv i]),input.js-cloudsave-phrase', cardName: 'input[autocomplete="cc-name" i], input[autocomplete="ccname" i], input[name="ccname" i], input[name="cc-name" i], input[name="ppw-accountHolderName" i], input[id*=cardname i], input[id*=card-name i], input[id*=card_name i]', cardNumber: 'input[autocomplete="cc-number" i], input[autocomplete="ccnumber" i], input[autocomplete="cardnumber" i], input[autocomplete="card-number" i], input[name="ccnumber" i], input[name="cc-number" i], input[name*=card i][name*=number i], input[name*=cardnumber i], input[id*=cardnumber i], input[id*=card-number i], input[id*=card_number i]', @@ -9142,7 +9185,8 @@ function getInputSubtype(input) { */ const removeExcessWhitespace = function () { let string = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : ''; - if (!string) return ''; + // The length check is extra safety to avoid trimming strings that would be discarded anyway + if (!string || string.length > TEXT_LENGTH_CUTOFF + 50) return ''; return string.replace(/\n/g, ' ').replace(/\s{2,}/g, ' ').trim(); }; @@ -9708,6 +9752,7 @@ const { * findEligibleInputs(context): Scanner; * matching: import("./Form/matching").Matching; * options: ScannerOptions; + * stopScanner: (reason: string, ...rest: any) => void; * }} Scanner * * @typedef {{ @@ -9849,7 +9894,7 @@ class DefaultScanner { /** * Stops scanning, switches off the mutation observer and clears all forms * @param {string} reason - * @param {...any} rest + * @param {any} rest */ stopScanner(reason) { this.stopped = true; @@ -9890,9 +9935,15 @@ class DefaultScanner { } } } + + /** + * Max number of nodes we want to traverse upwards, critical to avoid enclosing large portions of the DOM + * @type {number} + */ + let traversalLayerCount = 0; let element = input; // traverse the DOM to search for related inputs - while (element.parentElement && element.parentElement !== document.documentElement) { + while (traversalLayerCount <= 5 && element.parentElement && element.parentElement !== document.documentElement) { // Avoid overlapping containers or forms const siblingForm = element.parentElement?.querySelector('form'); if (siblingForm && siblingForm !== element) { @@ -9906,6 +9957,7 @@ class DefaultScanner { // found related input, return common ancestor return element; } + traversalLayerCount++; } return input; } @@ -12615,7 +12667,7 @@ const constants = exports.constants = { MAX_INPUTS_PER_PAGE: 100, MAX_FORMS_PER_PAGE: 30, MAX_INPUTS_PER_FORM: 80, - MAX_FORM_MUT_OBS_COUNT: 50 + MAX_FORM_RESCANS: 50 }; },{}],55:[function(require,module,exports){