Google Git
Sign in
chromium / chromium / src / lkgr-android-internal / . / ios / chrome / browser / safe_browsing / model
tree: 1e553b5e4e4e9e00cadab95d67ab04bfcf40730f [path history] [tgz]
  1. resources/
  2. tailored_security/
  3. BUILD.gn
  4. chrome_enterprise_url_lookup_service_factory.h
  5. chrome_enterprise_url_lookup_service_factory.mm
  6. chrome_enterprise_url_lookup_service_factory_unittest.mm
  7. chrome_password_protection_service.h
  8. chrome_password_protection_service.mm
  9. chrome_password_protection_service_factory.h
  10. chrome_password_protection_service_factory.mm
  11. chrome_password_protection_service_unittest.mm
  12. DEPS
  13. DIR_METADATA
  14. enhanced_safe_browsing_infobar_delegate.h
  15. enhanced_safe_browsing_infobar_delegate.mm
  16. hash_realtime_service_factory.h
  17. hash_realtime_service_factory.mm
  18. hash_realtime_service_factory_unittest.mm
  19. input_event_observer.h
  20. ohttp_key_service_factory.h
  21. ohttp_key_service_factory.mm
  22. ohttp_key_service_factory_unittest.mm
  23. OWNERS
  24. password_protection_egtest.mm
  25. password_protection_java_script_feature.h
  26. password_protection_java_script_feature.mm
  27. README.md
  28. real_time_url_lookup_service_factory.h
  29. real_time_url_lookup_service_factory.mm
  30. real_time_url_lookup_service_factory_unittest.mm
  31. safe_browsing_blocking_page.h
  32. safe_browsing_blocking_page.mm
  33. safe_browsing_blocking_page_unittest.mm
  34. safe_browsing_client_factory.h
  35. safe_browsing_client_factory.mm
  36. safe_browsing_client_factory_unittest.mm
  37. safe_browsing_client_impl.h
  38. safe_browsing_client_impl.mm
  39. safe_browsing_client_impl_unittest.mm
  40. safe_browsing_egtest.mm
  41. safe_browsing_helper_factory.h
  42. safe_browsing_helper_factory.mm
  43. safe_browsing_metrics_collector_factory.h
  44. safe_browsing_metrics_collector_factory.mm
  45. user_population_helper.h
  46. user_population_helper.mm
  47. verdict_cache_manager_factory.h
  48. verdict_cache_manager_factory.mm
  49. verdict_cache_manager_factory_unittest.mm
ios/chrome/browser/safe_browsing/model/README.md

PasswordProtectionJavaScriptFeature

Password Protection (also known as “PhishGuard”) is a feature that warns a user when they type one of their saved passwords on an unrelated site that is not known to be safe.

In order to detect these events, this feature needs to detect key presses and text paste events, so that entered text can be compared to saved passwords.

Embedders of content/ can detect such events using a RenderWidgetHost::InputEventObserver. Since WKWebView doesn't provide an equivalent API for its embedders, these events can only be detected by injecting JavaScript into each page. PasswordProtectionJavaScriptFeature implements this JavaScript logic.

To ensure that a malicious page cannot interfere with this detection logic, this JavaScript code is injected into an isolated world, where it is not visible to page script.