Commit Graph

2459 Commits

Author SHA1 Message Date
bw-ghapp[bot]
bbb42d9b17
Autosync the updated translations (#17461)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2025-11-18 18:36:24 +01:00
Daniel Riera
b1acff7f5c
Pm 27900 add additional hardening in extension frame validation (#17265)
* PM-27900 harden iframe, origin route tightening and test updates

* reduce comments to make more legible

* Removes referrer check in favor of PM-27822 #17313 bitwarden/clients@4206447cfe

* nake token optional since it is later set

* whitelist -> allowlist

* improve notes on unsafe

* improve content handler notes

* order allowlist

* improve jsdoc on ismessagefromextension method

* cover additional test cases

* rename verifytoken and document more clear, update referrer

---------

Co-authored-by: Miles Blackwood <mrobinson@bitwarden.com>
2025-11-18 12:22:13 -05:00
Oscar Hinton
9efc31534b
[PM-28231] Enable component-class-suffix (#17384)
* Enable component-class-suffix

* Rename file
2025-11-18 13:26:38 +01:00
Maximilian Power
8f04f25818
Fix Firefox phishing blocker continue button by awaiting tab navigation promises (#17436) 2025-11-18 09:37:31 +01:00
Jordan Aasen
670f3514ba
[PM-23384] - Browser extension spotlight directing to Premium signup in web (#17343)
* premium upgrade nudge

* add specs

* clean up vault template and specs

* fix date comparison. add more specs for date

* fix spec

* fix specs

* make prop private
2025-11-17 12:36:37 -08:00
Matt Gibson
c67715ea29
[PM-28038][PM-28276] Ignore url case for origin matching (#17355)
* ignore url case for origin matching

* Fixup typo

* Inject log services
2025-11-17 07:37:36 -08:00
Alex Dragovich
a4d773537e
[PM-27465] Fixing cancel button on Send and Vault export (#17138)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / Checkmarx (push) Has been cancelled
Scan / Sonar (push) Has been cancelled
Testing / Upload to Codecov (push) Has been cancelled
2025-11-14 16:07:10 -08:00
Jason Ng
8a3f1ee1a4
[PM-26687] send skeleton (#17333)
* adding skeleton to send
2025-11-14 16:16:08 -05:00
Daniel Riera
fdb2f8b553
[PM-4903] - If you back out of autofill flow from locked vault screen, credentials autofilled on normal unlock (#17283)
* PM-4903- added a check for auth status and popout tabs, if no popup tab and auth is locked, abandon autofill

* add test

* clear all notifications if unlock popout closed

* add more tests and use tabid for performance optimization
2025-11-14 12:44:32 -05:00
bw-ghapp[bot]
4fd65965e8
Autosync the updated translations (#17379)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2025-11-14 12:39:05 +01:00
Andreas Coroiu
ed2d8b9549
[PM-18046] Implement session storage (#17346)
* feat: add support for IPC client managed session storage

* feat: update SDK

* fix: using undecorated service in jslib module directly

* feat: add test case for web

* chore: document why we use any type

* fix: `ipc` too short

* typo: omg

* Revert "typo: omg"

This reverts commit 559b05eb5a.

* Revert "fix: `ipc` too short"

This reverts commit 35fc99e10b.

* fix: use camelCase
2025-11-14 08:51:38 +01:00
Mark Youssef
a55d0f02f2
[CL-672] update mobile design of dialog (#14828)
---------

Co-authored-by: Vicki League <vleague@bitwarden.com>
2025-11-13 21:59:03 -05:00
Oscar Hinton
d95d86d05e
[CL-738] Migrate disclosure component (#17206) 2025-11-13 17:02:38 -05:00
Jordan Aasen
18c1d8b2d3
[PM-27661] - Multiple URIs - Add a Collapse Button after clicking View All for Saved Websites (#17352)
* use signals. add toggleable list view.

* use @for. remove redundant if statement

* fix template variable name

* clean up test setup

* Update apps/browser/src/vault/popup/components/vault-v2/autofill-confirmation-dialog/autofill-confirmation-dialog.component.spec.ts

Co-authored-by: Nik Gilmore <ngilmore@bitwarden.com>

---------

Co-authored-by: Nik Gilmore <ngilmore@bitwarden.com>
2025-11-13 10:34:38 -08:00
Daniel Riera
42a79e65cf
[PM-26916] inline menu not autofilling email field for oatsovernight.com (#17182)
* PM-26916 utilize opid on focused fields as first validation in order to avoid erroneously filling other similar fields

* extract logic to helper and take totp and multiple forms into account

* run prettier

* avoid filling with opid if already filled

* clean up comments and avoid early return so all fields are scanned

* add tests
2025-11-13 10:26:32 -05:00
Jeffrey Holland
ea0cdfc37c
Display autofill overlay for zoom.us signin password (#16900) 2025-11-13 11:26:04 +01:00
Nick Krantz
b2682a4139
[PM-27520] Allow for search while vault is loading (#17274)
* allow for search while vault is loading

* fix comment wording

* remove subscription return value - it is not used

* update `distinctUntilChanged` to account for tuple

* use feature flag to determine search pattern

* fix tests & lint issues

* fix lint errors part 2
2025-11-12 15:34:54 -06:00
Maciej Zieniuk
3da3aa5e8c
moving ownership of Auth vault timeout input component to KM (#17180)
(cherry picked from commit 5e595dabf71cdb312ae9e1e3bcc3121b3aebf19f)
2025-11-12 22:15:01 +01:00
Nick Krantz
d71add85e8
[PM-25084] Vault Skeleton loading (#17321)
* add import to overflow styles to override the overflow applied by virtual scrolling

* add position relative so absolute children display in scrolling context rather over the entire page

* add fade in skeleton to vault page

* refactor vault loading state to shared service

* disable search while loading

* add live announcement when vault is loading / loaded

* simplify announcement

* resolve CI issues

* add feature flag for skeletons

* add feature flag observables for loading state

* update component naming
2025-11-12 08:31:25 -06:00
Maciej Zieniuk
021d3e53aa
[PM-26056] Consolidated session timeout component (#16988)
* consolidated session timeout settings component

* rename preferences to appearance

* race condition bug on computed signal

* outdated header for browser

* unnecessary padding

* remove required on action, fix build

* rename localization key

* missing user id

* required

* cleanup task

* eslint fix signals rollback

* takeUntilDestroyed, null checks

* move browser specific logic outside shared component

* explicit input type

* input name

* takeUntilDestroyed, no toast

* unit tests

* cleanup

* cleanup, correct link to deprecation jira

* tech debt todo with jira

* missing web localization key when policy is on

* relative import

* extracting timeout options to component service

* duplicate localization key

* fix failing test

* subsequent timeout action selecting opening without dialog on first dialog cancellation

* default locale can be null

* unit tests failing

* rename, simplifications

* one if else feature flag

* timeout input component rendering before async pipe completion
2025-11-11 08:15:36 -06:00
bw-ghapp[bot]
275c6a93b4
Autosync the updated translations (#17271)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2025-11-10 08:40:12 +01:00
Matt Gibson
40ec682b78
[PM-27888] [PM-27889][PM-27914][PM-27820] Use frame Id as test for internal source. (#17266)
* Use frame Id as test for internal source.

* prefer strong equality

* Fix tests
2025-11-07 11:58:35 -05:00
Jonathan Prusik
0ef4964b2e
[PM-27569] Typing cleanup (#17087)
* typing cleanup

* additional cleanup

* more typing fixes

* revert notification background changes

* fix DOM query service breakage

* do not run a fill_by_opid action if there is a nullish or empty value attribute

* type cleanup

* cleanup per review suggestions

* remove unused flag check

* add non-null assertion signposts

* additional cleanup
2025-11-07 11:34:08 -05:00
Jordan Aasen
4bf90b0fb3
[PM-27754] - [Defect] MP prompt is missing before "Cannot autofill" modal when trying to autofill a login with "Exact" default matching set (#17247)
* add persistent callout in settings for non-premium users

* always call password reprompt in doAutofill

* ensure password reprompt is checked in all instances

* Revert "add persistent callout in settings for non-premium users"

This reverts commit d206832cd3.
2025-11-06 15:55:31 -08:00
Will Martin
1be9e19fad
[PM-26944] fix(browser/phishing-detection): fix various issues (#17197) 2025-11-06 12:55:18 -06:00
Vicki League
c404ee210b
[PM-26984] Use medium instead of semibold or bold (#17191) 2025-11-06 11:27:46 -05:00
Robyn MacCallum
c7da24e627
Pass cipherId in bgHandleReprompt (#17256) 2025-11-06 10:53:17 -05:00
Vicki League
7cbfcd23a8
[PM-26984] Use medium instead of semibold or bold (#17194) 2025-11-06 09:09:17 -06:00
Matt Gibson
57b8f18cdd
PM-27820 (#17245)
Some checks failed
Chromatic / Check PR run (push) Has been cancelled
Scan / Check PR run (push) Has been cancelled
Testing / Run tests (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (macos-14) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (ubuntu-22.04) (push) Has been cancelled
Testing / Run Rust tests on ${{ matrix.os }} (windows-2022) (push) Has been cancelled
Testing / Rust Coverage (push) Has been cancelled
Chromatic / Chromatic (push) Has been cancelled
Scan / Checkmarx (push) Has been cancelled
Scan / Sonar (push) Has been cancelled
Testing / Upload to Codecov (push) Has been cancelled
* limit port to internal communications

* A few more internal-only ports

* fixup tests

disabled tests that are now failing with a race condition.

* Remove autofill team review requirement
2025-11-05 20:22:34 -05:00
Matt Gibson
cbf380e023
Arch/pm 27820 (#17241)
* add storage port validation

* remove unused method

* Prefer property presence over truthyness
2025-11-05 18:09:15 -05:00
SmithThe4th
aabee1b827
Fixed incorrect toast messages on favorite (#17238) 2025-11-05 17:06:52 -05:00
Nick Krantz
8cd39690ed
[PM-27711] Loading Skeleton page (#17224)
* convert popup page component to use inputs

* disable overflow on popup page to allow content to naturally overflow

* migrate popup-page to OnPush

* add vault-loading-skeleton component

* remove internal loading text

* hide entire skeleton from screen readers
2025-11-05 14:05:15 -06:00
Bernd Schoolmann
3125f679d3
[PM-25206] Inject service instead of passing as param (#16801)
* Inject service instead of passing as param

* [PM-25206] Move locking logic to LockService (#16802)

* Move locking logic to lock service

* Fix tests

* Fix CLI

* Fix test

* FIx safari build

* Update call to lock service

* Remove locked callback

* Clean up lock service logic

* Add tests

* Fix cli build

* Add extension lock service

* Fix cli build

* Fix build

* Undo ac changes

* Undo ac changes

* Run prettier

* Fix build

* Remove duplicate call

* [PM-25206] Remove VaultTimeoutService lock logic (#16804)

* Move consumers off of vaulttimeoutsettingsservice lock

* Fix build

* Fix build

* Fix build

* Fix firefox build

* Fix test

* Fix ts strict errors

* Fix ts strict error

* Undo AC changes

* Cleanup

* Fix

* Fix missing service
2025-11-05 17:11:34 +01:00
Szymon
05ca57d538
[PM-26821] Improve macOS fullscreen ux (#16838)
* Improve popout window UX for fullscreen macOS

Adds special handling for popout windows when the sender is in fullscreen mode on macOS. The sender window moves from fullscreen to maximized before opening the popout, and the new window is focused after creation to improve user experience.

* Add tests for fullscreen popout behavior on mac

added happy path and skip path tests

* Move popout window check before fullscreen logic

* Refactor openPopout tests for platform-specific fullscreen handling

* run prettier

---------

Co-authored-by: Addison Beck <github@addisonbeck.com>
2025-11-04 20:54:20 -05:00
Vicki League
9bd7b58f6b
[PM-26984] Use medium instead of semibold or bold (#17188) 2025-11-04 15:27:13 -05:00
Jordan Aasen
d364dfdda0
[PM-26182] - [Defect] [Browser] Safari - Autofill on page load default setting is missing yes or no (#16605)
* handle parenthesis translation

* add whitespace around placeholder with parentheses

* fix test

* fix label

* fix spec
2025-11-04 10:59:00 -08:00
Vicki League
92118e525d
[PM-26984] Use medium instead of semibold or bold (#17185) 2025-11-04 13:56:01 -05:00
Daniel Riera
a71ab020c4
PM-27807 remove unused es-lint disable (#17212) 2025-11-04 12:47:26 -05:00
Vicki League
b79625def8
[PM-26984] Use medium instead of semibold or bold (#17187) 2025-11-04 08:29:31 -07:00
Mick Letofsky
ff611338f9
[PM-4735] - Refactor event handling of the browser close listener (#16798) 2025-11-04 15:20:54 +01:00
Vicki League
cba47e4abd
Update font to inter feature branch (#16782) 2025-11-03 15:17:07 -05:00
Daniel Riera
6265fc2d46
PM-25448 return null appropriately for subframe rects in order to reposition inline menu (#17129) 2025-11-03 13:39:25 -05:00
Kyle Denney
e1e3966cc2
[PM-23713] premium badge interaction (#16911)
* feature flag

* new upgrade dialog component and moved pricing service into libs

first draft

* moved pricing service to libs/common

removed toast service from the pricing service and implemented error handling in calling components

# Conflicts:
#	apps/web/src/app/billing/individual/upgrade/upgrade-payment/upgrade-payment.component.ts

* moved new premium upgrade dialog component to libs/angular

* badge opens new dialog in browser extension

* adds new dialog to desktop and fixes tests

* updates send dropdown to use premium prompt service

* styling and copy updates

* implement in web and desktop

* unit tests

* converting premium reports to use premium badge, and some cleanup

* fixes issue after merge

* linter errors

* pr feedback

* handle async promise correctly

* full sync after the premium upgrade is complete

* fixing test

* add padding to bottom of card in new dialog

* add support for self hosting

* fixing tests

* fix test

* Update has-premium.guard.ts

* pr feedback

* fix build and pr feedback

* fix build

* prettier

* fixing stories and making badge line height consistent

* pr feedback

* updated upgrade dialog to no longer use pricing card

* fixing incorrect markup and removing unused bits

* formatting

* pr feedback

removing unused message keys and adding back in code that was erroneously removed

* change detection

* close dialog when error

* claude pr feedback
2025-11-03 10:16:01 -06:00
Will Martin
7ac6a67835
[PM-26944] phishing data checksum diffing + daily patches (#16983)
* expose local db file to extension

* fetch from local db as fallback; only fetch new data on changed checksum; fetch from cdn

* check for undefined chrome runtime (for easy Storybook mocking)

* update capital letters lint

* add audit api tests

* add bash script to fetch local db info and split it to meet FF size limits

* add readme

* Rename README.md to readme.md

* remove leftover file

* remove unused methods from audit service

* remove local db logic

* wip

* revert local db build changes

* add tests; sub to updates directly; refactor teardown logic

* fix eslint crashing

* remove temp premium override

* remove unused test

* update timer value

* run prettier

* refetch all domains on app version change

* fix log statement

* harden fetching

* filter empty domains

* fix type issue

* fix typo

* fix type error

* fix cleanup
2025-11-03 08:49:33 -06:00
Github Actions
b4420d770e Bumped client version(s) 2025-11-03 14:27:34 +00:00
Jordan Aasen
b102ee4bdf
[PM-26653] - fix uri match strategy logic (#17142)
* fix uri match strategy logic

* fix variable name

* update logic and specs

* add test case
2025-11-02 08:14:30 -08:00
Ben Brooks
b5a7379ea9
feat(policies): PM-25570 Admin Console UI for URI Match Default Policy (#16752)
Admin Console UI for URI Match Default Policy

---------

Signed-off-by: Ben Brooks <bbrooks@bitwarden.com>
Co-authored-by: Jonathan Prusik <jprusik@users.noreply.github.com>
2025-10-31 13:50:45 -07:00
bw-ghapp[bot]
b7759abb20
Autosync the updated translations (#17145)
Co-authored-by: bitwarden-devops-bot <106330231+bitwarden-devops-bot@users.noreply.github.com>
2025-10-31 17:49:04 +00:00
Andreas Coroiu
48fb8b2bfe
[PM-25250] Prevent configuration and access of self hosted urls over http (#17095)
* feat: ban urls not using https

* feat: add exception for dev env

* feat: block fetching of insecure URLs

* feat: add exception for dev env

* feat: block notifications from using insecure URL

* fix: bug where submission was possible regardless of error

* feat: add exception for dev env

* fix: missing constructor param
2025-10-31 08:12:44 +01:00
Jordan Aasen
4a71503875
[PM-27642] - fix mp reprompt issue (#17131)
* fix mp reprompt issue

* fix logic. add more specs

* update vault popup autofill spec

* update jsdoc
2025-10-30 13:19:12 -07:00