-
-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix subdomain matching #3854
Fix subdomain matching #3854
Conversation
Tested and solves #3848 for me. |
2a5feeb
to
c50e1bb
Compare
The tests are great but very fragile and difficult to follow. This is because they are a simple list without programmatic linkage between "valid" and "invalid" or expected to "match". This means we have to read comments and manually process them. I am merging for now, but these can be improved in the future perhaps with a QHash or structure that defines the test expectations per entry url. |
@droidmonkey You are absolutely right. I'll put that to my TODO list. |
Added - Browser: Show UI warning when entering invalid URLs [#3912] - Browser: Option to use an entry only for HTTP auth [#3927] Changed - Disable the user interface when merging or saving the database [#3991] - Ability to hide protected attribute after reveal [#3877] - Remove mention of "snaps" in Windows and macOS [#3879] - CLI: Merge parameter for source database key file (--key-file-from) [#3961] - Improve GUI tests reliability on Hi-DPI displays [#4075] - Disable deprecation warnings to allow building with Qt 5.14+ [#4075] - OPVault: Use 'otp' attribute for TOTP field imports [#4075] Fixed - Fix crashes when saving a database to cloud storage [#3991] - Fix crash when pressing enter twice while opening database [#3885] - Fix handling of HTML when displayed in the entry preview panel [#3910] - Fix start minimized to tray on Linux [#3899] - Fix Auto Open with key file only databases [#4075] - Fix escape key closing the standalone password generator [#3892] - macOS: Fix monospace font usage in password field and notes [#4075] - macOS: Fix building on macOS 10.9 to 10.11 [#3946] - Fix TOTP setup dialog not closing on database lock [#4075] - Browser: Fix condition where additional URLs are ignored [#4033] - Browser: Fix subdomain matching to return only relevant site entries [#3854] - Secret Service: Fix multiple crashes and incompatibilities [#3871, #4009, #4074] - Secret Service: Fix searching of entries [#4008, #4036] - Secret Service: Fix behavior when exposed group is recycled [#3914] - CLI: Release the database instance before exiting interactive mode [#3889] - Fix (most) memory leaks in tests [#3922]
Type of change
Description and Context
Fix for subdomain matching with Browser Integration. The previous fix handled the matching mostly based on the domain, and entry URL's with different subdomains were returned.
The behaviour is now following:
https://accounts.example.com
entry URL is only matched withhttps://accounts.example.com
or any subdomain under it.https://example.com
entry URL is matched with any subdomain (or none) underexample.com
.Also fixes matching with local files (handy for testing purposes). With those, a direct match between the page URL and entry URL is required.
Fixes #3848.
Testing strategy
Tested manually and with added automatic tests. Tests have some helpful comments added.
Checklist:
-DWITH_ASAN=ON
. [REQUIRED]