allow webdomains for browsers only, otherwise use package name

src/keepass2android/services/AutofillBase/AutofillServiceBase.cs

@@ -34,7 +34,7 @@ namespace keepass2android.services.AutofillBase
             CommonUtil.logd( "onFillRequest");
             var structure = request.FillContexts[request.FillContexts.Count - 1].Structure;
 
-            //TODO package signature verification?
+            //TODO support package signature verification as soon as this is supported in Keepass storage
 
             var clientState = request.ClientState;
             CommonUtil.logd( "onFillRequest(): data=" + CommonUtil.BundleToString(clientState));
@@ -96,8 +96,8 @@ namespace keepass2android.services.AutofillBase
 
         public override void OnSaveRequest(SaveRequest request, SaveCallback callback)
         {
-            //TODO implement
+            //TODO implement save
-            callback.OnFailure("not implemented");
+            callback.OnFailure("Saving data is currently not implemented in Keepass2Android.");
         }
 
 

src/keepass2android/services/AutofillBase/Kp2aDigitalAssetLinksDataSource.cs

@@ -1,4 +1,5 @@
-using Android.Content;
+using System.Collections.Generic;
+using Android.Content;
 
 namespace keepass2android.services.AutofillBase
 {
@@ -23,8 +24,23 @@ namespace keepass2android.services.AutofillBase
 
         public bool IsValid(Context context, string webDomain, string packageName)
         {
-            //TODO implement
+            return (IsTrustedBrowser(packageName));
-            return true;
+
+        }
+
+        static readonly HashSet<string> _trustedBrowsers = new HashSet<string>
+        {
+            "org.mozilla.klar","org.mozilla.focus","org.mozilla.firefox","org.mozilla.firefox_beta","com.microsoft.emmx",
+            "com.android.chrome","com.chrome.beta","com.android.browser","com.brave.browser","com.opera.browser",
+            "com.opera.browser.beta","com.opera.mini.native","com.chrome.dev","com.chrome.canary",
+            "com.google.android.apps.chrome","com.google.android.apps.chrome_dev","com.yandex.browser",
+            "com.sec.android.app.sbrowser","com.sec.android.app.sbrowser.beta","org.codeaurora.swe.browser",
+            "com.amazon.cloud9"
+        };
+
+        private bool IsTrustedBrowser(string packageName)
+        {
+            return _trustedBrowsers.Contains(packageName);
         }
     }
 }

src/keepass2android/services/AutofillBase/StructureParser.cs

@@ -103,13 +103,12 @@ namespace keepass2android.services.AutofillBase
 		        bool valid = Kp2aDigitalAssetLinksDataSource.Instance.IsValid(mContext, webDomain, packageName);
 		        if (!valid)
 		        {
-		            throw new Java.Lang.SecurityException(mContext.GetString(
+		            CommonUtil.loge($"DAL verification failed for {packageName}/{webDomain}");
-		                Resource.String.invalid_link_association, webDomain, packageName));
+		            webDomain = null;
 		        }
-                Log.Debug(CommonUtil.Tag, $"Domain {webDomain} is valid for {packageName}");
 		    }
-		    else
+		    if (string.IsNullOrEmpty(webDomain))
-		    {
+            {
 		        webDomain = "androidapp://" + packageName;
                 Log.Debug(CommonUtil.Tag, "no web domain. Using package name.");
 		    }
@@ -143,7 +142,7 @@ namespace keepass2android.services.AutofillBase
 				}
 				else
 				{
-                    //TODO implement
+                    //TODO implement save
                     throw new NotImplementedException("TODO: Port and use AutoFill hints");
 					//ClientFormData.Add(new FilledAutofillField(viewNode));
 				}

src/keepass2android/services/AutofillBase/model/FilledAutofillField.cs

@@ -83,7 +83,7 @@ namespace keepass2android.services.AutofillBase.model
 		    }
             AutofillHints = hintList.ToArray();
 
-            //TODO port updated FilledAutofillField
+            //TODO port updated FilledAutofillField for saving
 			AutofillValue autofillValue = viewNode.AutofillValue;
 			if (autofillValue != null)
 			{