Autofill in chrome (or some chrome based browsers)

[AJJLagerweij]

Describe the bug My chrome browser does not seem to find any autofill fields whereas firefox (focus and preview) browser does for the same website.

To Reproduce Steps to reproduce the behaviour:

1. Open in a url for which an autofill is setup with firefox and chrome
2. Ony in firefox, I see the autofill option, not in chrome

Expected behaviour I expected that Autofill would work on (all) mainstream browsers.

Keepass Database

• Created with: KeePassXC 2.5.4
• Version: .kdbx 4.0
• Location: Remote file retrieved with DS Cloud (synology)
• Size: 200kb
• Contains attachment: No

KeePassDX (please complete the following information):

• Version: 2.5
• Build: Free
• Language: Nederlands

Android (please complete the following information):

• Device: LG V30
• Version: Android 9 (security update 1 nov 2019)

Additional context Add any other context about the problem here.

• Browser for Autofill: Chrome (Chrome Beta, Ecosia) and Firefox (Focus, Preview)

[J-Jamet]

This is a problem in Chrome, you should open an issue with the relevant Chrome projects, ~I can't do anything from KeePassDX.~ Maybe the chrome browser knowingly blocks the autofill, I don't really know. It's listed in the wiki: https://github.com/Kunzisoft/KeePassDX/wiki/AutoFill#web-browser-app-bug

Edit: A solution was found to integrate the Autofill compatibility mode. https://github.com/Kunzisoft/KeePassDX/issues/551#issuecomment-639724465

[AJJLagerweij]

Thanks for your response I should have looked at the docs more carefully first. I have to admit it's stupid that Google made the api in android but didn't implement it in their browser.

[J-Jamet]

Yes, I don't really understand this logic either. If you find the exact answer in your research on Chrome, you can leave a comment, it would be interesting to know the reason! ;)

[AJJLagerweij]

I found out that, as expected users of other Autofill apps are complaining about the lack and inconsistency of Autofill in chromium based browsers, see this thread at bitwarden.

The Chromium bug reporter has quite a couple of Autofill bugs listed. I think that this is the one we are interested in: https://bugs.chromium.org/p/chromium/issues/detail?id=849774&q=Autofill%20framework&colspec=ID%20Pri%20M%20Stars%20ReleaseBlock%20Component%20Status%20Owner%20Summary%20OS%20Modified

It seems however that some other password managers can get the Autofill to work in chrome even though it is quite buggy sometimes. See for example this Reddit thread, I'm not sure how Bitwarden and 1Password made this work without using the accessibility plugins.

It seems that the Autofill API is not properly working in Chromium-based browsers but that workarounds are possible. As to why it is not implemented correctly in Chromium is unclear, maybe they haven't had the time to fix the problems yet.

[J-Jamet]

I had read the issue on bitwarden, what intrigues me is this comment: https://github.com/bitwarden/mobile/issues/489#issuecomment-584394553

It indicates that previous versions are working, so I did some research on web. I found this image which comes from androidcentral:

Which clearly indicates that there was an option before. But in new versions of Chrome, this has been replaced by menus "Passwords", "Payment methods", "Addresses and more" so the connection information for filling in the form is linked only to a Google account. (Not stupid guys, I'll let you make your own conclusions!)

The reddit discussion indicates that Chrome, 78.0.3904.96 and less is working. There may be specific versions of the web browser to test and maybe downgraded.

[AJJLagerweij]

I agree with your findings, this is definitely a google thingy, sadly autofill also part of the modern non-google chromium builds I checked through F-Droid. Should I try to get in touch with Bitwarden to see how they circumvent the issue?

[Stephan-P]

Please note that Bitwarden is able to provide autofill using the (old fashioned0 Accesibility Service only. The (newer) Android Autofill service is not yet functional with e.g. Chrome, Vivaldi and other browsers. They are in this mess as well.

To add to this, I just discovered to my great joy that KeePassDX does provide autofill in the DuckDuckGo browser using the (new) Android Autofill Service.

System details: Nokia 3.1 Android 9 Vivaldi - Snapshot 3.1.1905.3 (my main browser) DuckDuckGo 5.53.1 (fallback browser) Bitwarden 2.3.1 Beta channel Bitwarden Autofill Service - disabled (it doesn't work. check with each release) Bitwarden Accessibility Service - enabled (functional with Vivaldi-browser) KeePassDX 2.5 KeePassDX Autofill Service - enabled (functional with DDG-browser) KeePassDX Accesibility Service - disabled KeePassDX Magikeyboard - disabled (don't like it)

[AJJLagerweij]

Yeah I also found Firefox, DuckDuck Browser to work work and Dolfin did sometimes work.

[J-Jamet]

I am not for the use of the accessibility service, because this service is not made for that. He is present for people with disabilities. If we use this service for something else, it's like we have a ramp for the disabled, and we use it for biking. Sure, it works but people who need this service for something else are blocked. Chrome has knowingly blocked autofill so it's up to them to re-enable it for their browser, it's not up to us to find alternative solutions and workarounds. It is a good thing to list the compatible browsers but the version number of each application must be present and we must indicate if it depends directly on the WebView of the device.

[szaimen]

I am all in for using accessibility settings to be able to autofill in chromium based browsers because you can use that with more than one app: it is not blocked by one app unlike the autofill service.

[chilliger]

@csagan5 what do you think? Is it possible to enable autofill in bromite until this is fixed upstream?

[csagan5]

@csagan5 what do you think? Is it possible to enable autofill in Bromite until this is fixed upstream?

After reading this and related issues I understand that only under certain conditions a Chromium derivative will use the Android autofill framework and otherwise it uses Sync. Related Bromite issues: https://github.com/bromite/bromite/issues/230 https://github.com/bromite/bromite/issues/348

The upstream issue to track seems to be https://bugs.chromium.org/p/chromium/issues/detail?id=1015381

I have also verified that Bitwarden works with Chrome through the autofill framework even before Sync is enabled, but I could not reproduce this working behavior with any Chromium (also when it uses org.chromium.chrome as package name); this matches what most of the pople in https://github.com/bitwarden/mobile/issues/489 have reported. Other apps use a keyboard/or a plugin to workaround these issues, see also https://github.com/PhilippC/keepass2android/blob/master/docs/AccServiceAutoFill.md

I do not know precisely when upstream broke the "Android autofill framework" support but it matches what I have seen in submitted Bromite issue reports over last year or so; we have to wait for upstream to fix it, if they will (last comment from developers was on December 2019, it is outside any PO list and thus it's unlikely it will be fixed soon).

I am however interested in why it works for Bitwarden for Chrome without Sync enabled, if any progress can be done on this research then we could leverage it.

@J-Jamet I took the liberty to mention the upstream bug in https://github.com/Kunzisoft/KeePassDX/wiki/AutoFill (maybe having more users vote on this bug is a good thing)

[Stephan-P]

Bitwarden too is having problems with the Autofill service and really only functions through the Accessibility service. https://github.com/bitwarden/mobile/issues/952

[csagan5]

@Stephan-P I had just tested it without accessibility, it works for Chrome.

[J-Jamet]

@csagan5 Please indicate the version of Android, the version of Chrome and bitwarden. If Bitwarden works without accessibility, there must be a tip. And no problem to indicate the link in the wiki.

[csagan5]

Please indicate the version of Android, the version of Chrome and bitwarden. If Bitwarden works without accessibility, there must be a tip.

Android 9, Chrome 80.0.3987.149 and 83.0.4103.96, Bitwarden 2.4.2 and the previous version (I guess 2.4.1 or 2.4.0). No account signed-in in Chrome.

[J-Jamet]

@csagan5 Indeed, I just tested with the configuration you just gave and it works for Bitwarden but not with KeePassDX (I have no log arriving), as if it did not even fit into the service methods. I do not understand why, I will do more tests.

[J-Jamet]

It seems to be related to the internal compatibility system of the Chrome application for this version, I will add configurations for each browser, as did Bitwarden. https://developer.android.com/reference/android/service/autofill/AutofillService#compatibility-mode I will also improve the parser, I have good results with this config.

[J-Jamet]

The integration of the Autofill compatibility mode works rather well when we put the name of the corresponding package. It will be necessary to update the file for each new app derivative and use the TEXT_VARIATION parser but it works.

[Stephan-P]

Quick test with today's version 2.6 on Android 9. Autofill service enabled for KeepassDX No Accessibility service enabled.

With Vivaldi snapshot v3.1.1935.3 no luck. With Duckduckgo browser v5. 55.1 perfect autofill funtionality.

[J-Jamet]

Indeed, the correction will only be effective in version 2.7. Version 2.6 only slightly changes the autofill. I still have to modify the parser because some sites are not well recognized with the compatibility mode.

[rakshazi]

Could you add bromite to supported browsers list, please?

[csagan5]

I will add configurations for each browser, as did Bitwarden.

Good finding; I wonder what exactly is necessary from the browser side in order for this to work, as in the case of Bitwarden autofill does not work for Bromite/Chromium.

[Stephan-P]

I personally find it very cumbersome that support for browsers needs to be setup from the password manager's source code. It'll be a loooong list for you to maintain and new users using a new obscure browser need to wait for the password manager's new release. Is there really no way around this? (I've asked the same question at Bitwarden's, but there it is deemed unavoidable) If this is down to the Android Autofill service API, then ... (bites tip of tong)

[J-Jamet]

Of course there is a normal way, it is to create an Autofill compatible browser (the list is not present in the current versions of KeePassDX and it works very well for many browsers). This solution is not the normal way to operate the autofill. Read the link to the official documentation. It only allows to activate the compatibility mode which is not optimized. It is a temporary solution for a browser, and a workaround for KeePassDX.

[J-Jamet]

Important note: the autofill compatibility mode prevents automatic search because the URL of the web page is not recognized, the search can therefore only be done with the browser package with this method.

[J-Jamet]

Could you add bromite to supported browsers list, please?

It's inside but there must be ~a Bromite patch~ something which prevents compatibility mode because it works with Chrome 83.0.4103.96 but not with Bromite 83.0.4103.96 (for KeePassDX and Bitwarden same behavior).

[csagan5]

It's inside but there must be a Bromite patch which prevents compatibility mode because it works with Chrome 83.0.4103.96 but not with Bromite 83.0.4103.96 (for KeePassDX and Bitwarden same behavior).

First it must be tested with Chromium; there are no official Chromium releases (as far as I know) but if you support org.bromite.chromium we could test with Bromite's vanilla Chromium build.

If it works with Chrome but not with Chromium it cannot be a patch in Bromite but something else, more difficult to pinpoint.

[J-Jamet]

Yes it's possible. I withdraw what I said for the patches, we need to do more tests. But it's in the list, so there isn't much I can do on KeePassDX.

https://github.com/Kunzisoft/KeePassDX/blob/e2a1e3f3274e92058c8dd67c00160e9897a2923a/app/src/main/res/xml/dataset_service.xml#L139 I will provide a version 2.7 specifically related to the autofill to test.

[J-Jamet]

The 2.7 is released, ~I don't think I can do better now.~ :D

[J-Jamet]

I forgot to precise. When using compatibility mode, it is not possible to see the webDomain of a visited URL in the browser. So it is not possible to search by webDomain or block by webDomain, only the browser applicationID is visible. Unless I missed something.

[szaimen]

How to use the compatibility mode?

[J-Jamet]

Autofill compatibility mode is activated for applications whose applicationId is present in the list: https://github.com/Kunzisoft/KeePassDX/blob/master/app/src/main/res/xml/dataset_service.xml https://developer.android.com/reference/android/service/autofill/AutofillService#compatibility-mode You cannot activate it manually.

[J-Jamet]

I have no feedback, so I think you're happy. :p Tell me if something is wrong.

[rakshazi]

@J-Jamet waiting for F-droid :)

[J-Jamet]

@rakshazi I installed version 2.7 yesterday from F-Droid on my personal phone! ;)

[AJJLagerweij]

Thanks for the improvement. I've just gotten the update and it does indeed work.

[rakshazi]

Does not work for me :( Bromite (latest), LingeageOS 17.1 (Android 10), KeePassDX 2.7 Libre

I configured autofill service, enabled it, restarted phone, tried to use with bromite on myshows.me login and wgt.rakshazi.me login, but nothing (literally) happened

[csagan5]

Does not work for me :( Bromite (latest)

See https://github.com/bromite/bromite/blob/master/FAQ.md#does-bromite-support-the-android-autofill-framework

It does not work for any Chromium or Bromite.

[rakshazi]

My bad, missed it

[csagan5]

My bad, missed it

In this and other issues I have been investigating whether it's possible to make it work; I have verified that if you use an Android Virtual Device without Play Services it doesn't work for Chrome either.

So the "magic" is that the Play Services binary blobs must be included in order for it to work; this is not possible for Bromite, it might work in the future if open source stubs are developed and included (see also: https://microg.org/)

[danialasghar]

Using the latest version 2.7, latest Chrome version, Android 10 OOS

Chrome does not seem to be autofilling for me it just reports "com.android.chrome" to the app and asks you to search yourself. Just wanted to report...

[jmichler]

Using the latest version 2.7, latest Chrome version, Android 10 OOS

Chrome does not seem to be autofilling for me it just reports "com.android.chrome" to the app and asks you to search yourself. Just wanted to report...

Yes I can confirm this behavior with Chrome 84.0.4147.111 and keepassdx 2.8.1 with Android 10. On Firefox the url is passed to keepass

[J-Jamet]

As I said before, this is because Chrome has removed its native autofill integration and KeePassDX needs to use compatibility mode. If you want better integration for your browser, it must natively integrate the autofill (only in this case the webDomain field is correctly populated).

[KaktusXY]

Using the latest version 2.7, latest Chrome version, Android 10 OOS

Chrome does not seem to be autofilling for me it just reports "com.android.chrome" to the app and asks you to search yourself. Just wanted to report...

Yes I can confirm this behavior with Chrome 84.0.4147.111 and keepassdx 2.8.1 with Android 10. On Firefox the url is passed to keepass

Problem with the Autofill-Service

I used Keepass2Android (https://github.com/PhilippC/keepass2android) before and there Chrome (Brave) reported the Website URL, but with KeepassDX it only reports "com.brave.browser" and not the URL of the Website. But in the DuckDuckGo Browser (v.5.61.2) it works correctly.

Brave version : 1.12.113

[J-Jamet]

I used Keepass2Android (https://github.com/PhilippC/keepass2android) before and there Chrome (Brave) reported the Website URL, but with KeepassDX it only reports "com.brave.browser" and not the URL of the Website.

@KaktusXY Please confirm :

• It was autofill and not the accessibility service
• Your browser version

[KaktusXY]

@J-Jamet Whats the difference between autofill and the accessibility service

[J-Jamet]

I repeat:

Accessibility service : https://developer.android.com/reference/android/accessibilityservice/AccessibilityService Sometimes used by other managers as a hack but should only be used to assist users with disabilities. Will not be used in KeePassDX. https://github.com/Kunzisoft/KeePassDX/issues/551#issuecomment-629761239

Autofill service : https://developer.android.com/reference/android/service/autofill/AutofillService The service for filling out forms, must be integrated into the browser. If the browser do not support it natively, the compatibility mode is used and the webdomain cannot be used. https://github.com/Kunzisoft/KeePassDX/issues/551#issuecomment-672060258

Chrome removed its code for autofill. The derivatives therefore no longer have it either. https://github.com/Kunzisoft/KeePassDX/issues/551#issuecomment-627224788

If your browser is already in the compatibility list (https://github.com/Kunzisoft/KeePassDX/blob/master/app/src/main/res/xml/dataset_service.xml) but the behavior does not suit you, ask the browser developers to add autofill. Otherwise change browser.

[cloudy-dev]

I used Keepass2Android (https://github.com/PhilippC/keepass2android) before and there Chrome (Brave) reported the Website URL, but with KeepassDX it only reports "com.brave.browser" and not the URL of the Website.

@KaktusXY Please confirm :

• It was autofill and not the accessibility service
• Your browser version

Since @KaktusXY didn't answer, or at least his comment was deleted, I'm gonna answer this one. Keepass2Androids autofill in Chrome works without a problem for me.

• the accessibility service plugin was not installed, and no accessibility service active
• Google Chrome Version: 85.0.4138.127
• Keepass2Android Version: 1.08b

Changelog for K2A Version 1.07b: "Add AutoFill support for several more browsers" .Maybe this added Chrome support too. I could test this if you want.

Thank you for developing this awesome app btw. ❤️

[J-Jamet]

@cloudy-dev OK, Thank you for the feedback. When you says "Keepass2Androids autofill in Chrome works without a problem for me.", Does that mean that the WebDomain is correctly retrieved and that autosearch works on this version "85.0.4138.127" of Chrome?