URL subdomain matching issue

[comzine]

          I think this issue has become less pressing or stale, especially with the ability now to exclude individual entries from AutoFill (see #703 )... Please raise fresh issues for any remaining improvements.

Originally posted by @strongbox-mark in https://github.com/strongbox-password-safe/Strongbox/issues/517#issuecomment-1649558280

Hi @georgesnow - I think/hope the sorting algorithm for subdomains/hosts is better in 1.58.10/11, would be interested to hear what you think or what's not working/working.

I do have 1.58.37. And I also have the same issue. Autofill in portainer.example.com gives me the suggestion of c.example.com. In the list of other options I can choose portainer.istan.de and it says "From this domain". Would be really nice, if there is a url matching feature like in KeepassXC.

[strongbox-mark]

Hi @comzine - is this on iOS/macOS, which browser?

Could you send a screen recording and precise URLs to support@strongboxsafe.com and we'll take a look?

[comzine]

Thanks for the quick answer. I sent a screen recording as you requested. (macOS 14.1.2 and Safari)

[strongbox-mark]

Got it, thanks @comzine - Unfortunately this is Apple's own sorting algorithm in Safari, we can tell Safari we have a login for X url, but it sorts those suggestions itself and it doesn't seem to do a very good job I'm afraid. This isn't something we can fix I'm afraid.

[tonyxu-io]

I really like how Bitwarden supports different ways of matching the URLs, by base domains, by host, or by regex. It's super flexible, and I'm using all these options depending on my use case. https://bitwarden.com/help/uri-match-detection/#match-detection-options

[tonyxu-io]

I'm actually seeing same issue with chrome extension autofill. I have password1 for a.example.com and password2 for b.example.com. For some reason it's autofilling password 2 for a.example.com.

[strongbox-mark]

Hi @tonyxu-io - That doesn't sound right, how are you verifying this? Would you be able to send a screen recording demonstrating the issue to support@strongboxsafe.com?

[tonyxu-io]

Hi @tonyxu-io - That doesn't sound right, how are you verifying this? Would you be able to send a screen recording demonstrating the issue to support@strongboxsafe.com?

Thanks, just sent to the email.

[strongbox-mark]

In email correspondence we discovered there is a slight bug in sorting of URLs, they're not always sorted from most specific match as they should be when the match is beyond the PSL suffix. e.g.

1. https://abc.linked.com
2. https://grid.linked.com

when visiting https://some-sub-domain.grid.linkedin.com, URL 2 should be sorted as the best match. Currently this isn't the case. We'll work on fixing that. Thanks @tonyxu-io

[tonyxu-io]

In email correspondence we discovered there is a slight bug in sorting of URLs, they're not always sorted from most specific match as they should be when the match is beyond the PSL suffix. e.g.

1. https://abc.linked.com

2. https://grid.linked.com

when visiting https://some-sub-domain.grid.linkedin.com, URL 2 should be sorted as the best match. Currently this isn't the case. We'll work on fixing that. Thanks @tonyxu-io

Amazing! Good to know this will be fixed! This is my only pain point. Great job team I love this app!

Just created a new issue for tracking as this ticket was created for different issue.