diff --git a/keepassxc-browser/background/keepass.js b/keepassxc-browser/background/keepass.js index ae6ec86..c1d1367 100755 --- a/keepassxc-browser/background/keepass.js +++ b/keepassxc-browser/background/keepass.js @@ -582,7 +582,7 @@ keepass.requestAutotype = async function(tab, args = []) { const kpAction = kpActions.REQUEST_AUTOTYPE; const nonce = keepassClient.getNonce(); - const search = page.getTopLevelDomainFromUrl(args[0]); + const search = await page.getBaseDomainFromUrl(args[0]); const messageData = { action: kpAction, diff --git a/keepassxc-browser/content/keepassxc-browser.js b/keepassxc-browser/content/keepassxc-browser.js index b51d8e8..881c113 100755 --- a/keepassxc-browser/content/keepassxc-browser.js +++ b/keepassxc-browser/content/keepassxc-browser.js @@ -1003,7 +1003,10 @@ browser.runtime.onMessage.addListener(async function(req, sender) { } else if (req.action === 'show_password_generator') { kpxcPasswordGenerator.showPasswordGenerator(); } else if (req.action === 'request_autotype') { - sendMessage('request_autotype', [ window.location.hostname ]); + // All frames can perform this. Ignore iframes that are not allowed. + if (await isIframeAllowed()) { + sendMessage('request_autotype', [ window.location.hostname ]); + } } } });