
[PM-13115] Allow users to disable extension content script injections by domain #11826

Merged
merged 19 commits into from
Jan 6, 2025

Conversation

jprusik (Contributor) commented Nov 1, 2024

🎟️ Tracking

PM-13115

📔 Objective

Create a concept of disabled domains for the Bitwarden extension; unlike the excluded domains in the notification settings, a page belonging to the disabled domain list would prevent the Bitwarden extension from interacting with the page at all.

Notes

  • This feature is gated by the block-browser-injections-by-domain feature flag
  • While this work is functionally complete, there are follow-up UX/design tasks (see tracked tasks in the ticket) that must be completed before this is released (via feature flag)
  • This would not replace or otherwise impact the “excluded domains” concept for notifications (at least not within the scope of this PR; see comment)
  • Changes made to the blocked domains will not be reflected until the next content script injection to the page (typically a page navigation or refresh)
  • Supporting presentational experience work was split out to [PM-16804] Add supporting Vault component presentational updates for blocked domains #12720 to enable more incremental development

Screen capture

Kapture.2024-12-16.at.11.09.36.mp4
Kapture.2024-12-16.at.11.28.39.mp4

Screenshot 2024-12-16 at 11 02 26 AM

🦮 Reviewer guidelines

  • 👍 (:+1:) or similar for great changes
  • 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
  • ❓ (:question:) for questions
  • 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
  • 🎨 (:art:) for suggestions / improvements
  • ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
  • 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
  • ⛏ (:pick:) for minor or nitpick changes

@jprusik jprusik self-assigned this Nov 1, 2024
@jprusik jprusik force-pushed the pm-13115 branch 2 times, most recently from 77d3472 to e8ddd67 Compare November 1, 2024 19:53
github-actions bot (Contributor) commented Nov 11, 2024

Checkmarx One – Scan Summary & Details f39b8b59-7177-4af7-ae94-062678ef5beb

Fixed Issues

Severity | Issue | Source File / Package
MEDIUM | Client_Privacy_Violation | /apps/browser/src/autofill/deprecated/overlay/pages/list/autofill-overlay-list.deprecated.ts: 393
MEDIUM | Client_Privacy_Violation | /apps/browser/src/vault/popup/components/vault-v2/vault-list-items-container/vault-list-items-container.component.html: 15

@jprusik jprusik force-pushed the pm-13115 branch 3 times, most recently from 308c302 to 2695a47 Compare December 16, 2024 14:51
@@ -67,7 +66,6 @@ import { PopupPageComponent } from "../../../platform/popup/layout/popup-page.co
JslibModule,
LinkModule,
PopOutComponent,
PopupFooterComponent,
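Review bot: the hunk header records one line dropped from this imports array (7 lines to 6) but the removed line itself did not survive extraction, and PopupFooterComponent still appears here as plain context; when dropping an unused component, remove both the `import { PopupFooterComponent }` statement at the top of the file and the entry in the `imports` array in the same commit, otherwise the unused-import lint fails on one side or the Angular module keeps a dead reference on the other.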
jprusik (Contributor, Author) commented Dec 16, 2024

PopupFooterComponent was not in use anywhere here or in the template

jprusik (Contributor, Author):

This file is largely a copy of apps/browser/src/autofill/popup/settings/excluded-domains.component.ts

Member:

We have an open bug for the existing UI here PM-13808 with the input styling. Do you think we can get that fixed so we don't duplicate the UI into this new component?

jprusik (Contributor, Author):

I added a note to that ticket to include the blocked URIs view that would be introduced by this work

@@ -3,6 +3,7 @@
[ciphers]="ciphers"
[title]="'autofillSuggestions' | i18n"
[showRefresh]="showRefresh"
[sectionIndicators]="sectionIndicators"
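Review bot: the new `[sectionIndicators]="sectionIndicators"` binding adds an autofill-specific input next to the generic `[ciphers]`, `[title]` and `[showRefresh]` bindings of the items container; a projected title-icon slot on the container would let the autofill component own the blocked-domain indicator without the generic component learning about section indicator strings.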
jprusik (Contributor, Author):

This concept allows for the conditional addition of icon indicators alongside the section title (in this case, an informational icon indicating the view contains ciphers for a domain that has been added to the user's block list).

this.domainSettingsService
.setBlockedInteractionsUris({
...blockedURIs,
[this.autofillTabHostname]: { bannerIsDismissed: true },
jprusik (Contributor, Author):

Using the existing NeverDomains data shape gives us tons of flexibility in the future if we implement more granular injection-blocking options.

As it is, we could merge the neverDomains state concept (expressed in the interface as "Excluded Domains" and currently used to allow users to block the notification bar on specified domains) into blockedInteractionsUris concept with a state migration.

For example (not a well-considered data shape, just for illustrative purposes):

{
  "banking-portal.real-tld": {
    "blockedInjections": null, // all injections blocked
    "dismissedMessages": ['autofillBlockedBanner']
  }, 
  "duckduckgo.com": {
    "blockedInjections": ["notifications", "inline-menu"], 
    "dismissedMessages": []
  }
}

Member:

For example (not a well-considered data shape, just for illustrative purposes):

💭 You might want to update this example to account for our "no-null" guidance. If you want to keep the example short, I'd just swap out the null for true or "all" (no list).

A more comprehensive example that would be easier to port to Rust (as an enum) uses a discriminated union.

type ScriptType = "notifications" | "inline-menu";
type Injectable = { type: "allow-all" } | { type: "deny-list", injections: ScriptType[] } | { type: "deny-all" };

jprusik (Contributor, Author):

Noted; a fair point, and we'll pull this into our design when we get to migrating excluded domains (or other NeverDomain concepts) in.

Comment on lines 57 to 61
if (!injectionAllowedInTab) {
throw new Error("This URI of this tab is on the blocked domains list.");
}
jprusik (Contributor, Author):

Looks like
Screenshot 2024-12-16 at 9 51 47 AM

Member:

This is purposeful blocking, no? Do we want a visible error like this?

jprusik (Contributor, Author):

I was thinking it might be helpful to have some kind of dev/console visibility in case people set a blocked domain and forget later (and then are wondering why the extension isn't working). But yeah, I think that would be better served as a warning or informational log

jprusik (Contributor, Author):

updated in f6c1a55
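Worked example, added here and not Bitwarden's code (nor the data shape this PR ships): it takes the discriminated-union `Injectable` type proposed in the data-shape thread above, migrates the illustrative null-based entries onto it, resolves a tab's hostname against the blocked list, and, as the thread about the thrown error settled, reports a blocked tab as a warning instead of throwing from the injection path. `DomainPolicy`, `policyFor`, `guardInjection`, `SAMPLE_URIS` and the sample hostnames are assumptions of this example, as is the suffix match that lets an entry for a parent domain cover its subdomains.

```typescript
// Added example, not Bitwarden code: per-domain injection policy as a discriminated union.
type ScriptType = "notifications" | "inline-menu";

type Injectable =
  | { type: "allow-all" }
  | { type: "deny-list"; injections: ScriptType[] }
  | { type: "deny-all" };

// Hypothetical per-domain record; dismissedMessages follows the illustrative shape in the thread.
interface DomainPolicy {
  injectable: Injectable;
  dismissedMessages: string[];
}

type BlockedInteractionsUris = Record<string, DomainPolicy>;

// The illustrative legacy shape from the thread, where null meant "all injections blocked".
interface LegacyEntry {
  blockedInjections: ScriptType[] | null;
  dismissedMessages: string[];
}

// One-way migration onto the union: null -> deny-all, empty list -> allow-all, otherwise deny-list.
function migrateLegacyEntry(entry: LegacyEntry): DomainPolicy {
  let injectable: Injectable;
  if (entry.blockedInjections === null) {
    injectable = { type: "deny-all" };
  } else if (entry.blockedInjections.length === 0) {
    injectable = { type: "allow-all" };
  } else {
    injectable = { type: "deny-list", injections: [...entry.blockedInjections] };
  }
  return { injectable, dismissedMessages: [...entry.dismissedMessages] };
}

// Find the policy for a hostname: exact match first, then each parent domain
// (assumption of this example: an entry for example.com also covers a.example.com).
// hasOwnProperty keeps hostnames such as "constructor" from matching Object.prototype.
function policyFor(uris: BlockedInteractionsUris, hostname: string): DomainPolicy | undefined {
  const labels = hostname.trim().toLowerCase().replace(/\.$/, "").split(".");
  for (let i = 0; i < labels.length; i++) {
    const candidate = labels.slice(i).join(".");
    if (Object.prototype.hasOwnProperty.call(uris, candidate)) {
      return uris[candidate];
    }
  }
  return undefined;
}

// Decide whether one script type may be injected into a tab on this hostname.
function isInjectionAllowed(uris: BlockedInteractionsUris, hostname: string, script: ScriptType): boolean {
  const policy = policyFor(uris, hostname);
  if (policy === undefined) {
    return true; // no entry for this host or any parent: nothing is blocked
  }
  const inj = policy.injectable;
  switch (inj.type) {
    case "allow-all":
      return true;
    case "deny-all":
      return false;
    case "deny-list":
      return !inj.injections.includes(script);
    default:
      // Unreachable while the union is exhaustive; kept so a new variant fails loudly.
      throw new Error(`unknown policy type ${(inj as { type: string }).type}`);
  }
}

// Mirrors where the thread landed: a blocked tab is deliberate, so report it as a
// warning for console visibility rather than throwing from the injection path.
function guardInjection(
  uris: BlockedInteractionsUris,
  hostname: string,
  script: ScriptType,
  warn: (message: string) => void = (m) => console.warn(m),
): boolean {
  if (isInjectionAllowed(uris, hostname, script)) {
    return true;
  }
  warn(`Skipping ${script} injection: ${hostname} is on the blocked domains list`);
  return false;
}

// Constructed sample state (not real data): the two entries from the thread, migrated, plus a deny-list entry.
const SAMPLE_URIS: BlockedInteractionsUris = {
  "banking-portal.real-tld": migrateLegacyEntry({ blockedInjections: null, dismissedMessages: ["autofillBlockedBanner"] }),
  "duckduckgo.com": migrateLegacyEntry({ blockedInjections: ["notifications", "inline-menu"], dismissedMessages: [] }),
  "example.test": { injectable: { type: "deny-list", injections: ["notifications"] }, dismissedMessages: [] },
};

// Stand-alone run: one decision line per constructed tab.
function demo(): string[] {
  const tabs: [string, ScriptType][] = [
    ["login.banking-portal.real-tld", "inline-menu"],
    ["duckduckgo.com", "notifications"],
    ["example.test", "inline-menu"],
    ["example.test", "notifications"],
  ];
  return tabs.map(([host, script]) => `${host} ${script}: ${guardInjection(SAMPLE_URIS, host, script, () => {})}`);
}

console.log(demo().join("\n"));
```

The `warn` parameter is injectable so the decision can be unit-tested without touching `console`; the check itself stays a pure boolean, which is what a caller in an injection path needs, with the warning as a side channel rather than an exception.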

@jprusik jprusik force-pushed the pm-13115 branch 7 times, most recently from 1dd180e to ab2f085 Compare December 19, 2024 20:54
@jprusik jprusik changed the title [PM-13115] Allow users to disable the Bitwarden extension by domain [PM-13115] Allow users to disable extension content script injections by domain Dec 19, 2024
@jprusik jprusik marked this pull request as ready for review December 19, 2024 21:05
@jprusik jprusik requested review from a team as code owners December 19, 2024 21:05
addisonbeck
addisonbeck previously approved these changes Jan 3, 2025
gbubemismith
gbubemismith previously approved these changes Jan 3, 2025
audreyality
audreyality previously approved these changes Jan 6, 2025
audreyality (Member) left a comment

There's a nit, but it doesn't block merge.

@jprusik jprusik enabled auto-merge (squash) January 6, 2025 17:33
shane-melton (Member) left a comment

This looks pretty good from a Vault's perspective and I'm excited for the feature!

I did have two suggestions for how we could better encapsulate the autofill logic and avoid adding complexity to the generic vault components. Let me know what you think!

@@ -22,6 +22,16 @@
</bit-no-items>
</div>

<bit-banner
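Review bot: the `<bit-banner` added after `</bit-no-items>` puts the blocked-domain notice and its dismissal state into the top-level vault template (this hunk grows the region from 6 to 16 lines); consider moving the banner and its dismiss handling into their own component so the vault template only renders it and the feature stays easy to remove when the feature flag is retired.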
Member:

🎨 How would you feel if we encapsulated this banner in its own blocked-injection-script-banner component? It would let us move the handleScriptInjectionIsBlockedBannerDismiss() and showScriptInjectionIsBlockedBanner logic out of the top-level vault.

This is a problem we have in the Web vault component today -- it has a lot of various business logic in a single component -- and I'm hoping we can avoid repeating that in the new refreshed Browser vault by breaking logic out into their own components.

shane-melton (Member) commented Jan 6, 2025

🎨 I would prefer we use content projection instead of introducing sectionIndicator strings. We could use something like this in the template:

<h2 bitTypography="h6">
  {{ title }}
  <ng-content select="[slot=title-icon]"></ng-content>
</h2>

And then the autofill-vault-list-items component could do something like:

<app-vault-list-items-container ...>
   <i slot="title-icon"
      *ngIf="showAutofillBlockedIndicator"
      class="bwi bwi-info-circle"
      [appA11yTitle]="'autofillBlockedTooltip' | i18n">
   </i>
</app-vault-list-items-container>

This would help reduce the amount of bespoke autofill logic in our generic vault item components. Let me know what you think!

@jprusik jprusik disabled auto-merge January 6, 2025 21:32
@jprusik jprusik enabled auto-merge (squash) January 6, 2025 22:03
@jprusik jprusik merged commit 15faf52 into main Jan 6, 2025
91 checks passed
@jprusik jprusik deleted the pm-13115 branch January 6, 2025 22:10