From ee7844d6b1cebafb6ccddc72d41f9af485ee6bf4 Mon Sep 17 00:00:00 2001
From: gbubemismith <gsmithwalter@gmail.com>
Date: Tue, 10 Oct 2023 18:49:40 -0400
Subject: [PATCH] Used url from sender window in getting matching logins

---
 .../browser-popout-window.service.ts           |  2 +-
 .../popup/browser-popout-window.service.ts     | 18 ++++++++++++------
 .../browser-fido2-user-interface.service.ts    |  2 +-
 .../popup/components/fido2/fido2.component.ts  |  5 ++---
 4 files changed, 16 insertions(+), 11 deletions(-)

diff --git a/apps/browser/src/platform/popup/abstractions/browser-popout-window.service.ts b/apps/browser/src/platform/popup/abstractions/browser-popout-window.service.ts
index e25bed10677..a8e7fcd92e5 100644
--- a/apps/browser/src/platform/popup/abstractions/browser-popout-window.service.ts
+++ b/apps/browser/src/platform/popup/abstractions/browser-popout-window.service.ts
@@ -11,7 +11,7 @@ interface BrowserPopoutWindowService {
   ): Promise<void>;
   closePasswordRepromptPrompt(): Promise<void>;
   openFido2Popout(
-    senderWindowId: number,
+    senderWindow: chrome.tabs.Tab,
     promptData: {
       sessionId: string;
       senderTabId: number;
diff --git a/apps/browser/src/platform/popup/browser-popout-window.service.ts b/apps/browser/src/platform/popup/browser-popout-window.service.ts
index 96c3d8b9c46..fec0697d8a9 100644
--- a/apps/browser/src/platform/popup/browser-popout-window.service.ts
+++ b/apps/browser/src/platform/popup/browser-popout-window.service.ts
@@ -50,7 +50,7 @@ class BrowserPopoutWindowService implements BrowserPopupWindowServiceInterface {
   }
 
   async openFido2Popout(
-    senderWindowId: number,
+    senderWindow: chrome.tabs.Tab,
     {
       sessionId,
       senderTabId,
@@ -68,12 +68,18 @@ class BrowserPopoutWindowService implements BrowserPopupWindowServiceInterface {
       "?uilocation=popout" +
       `&sessionId=${sessionId}` +
       `&fallbackSupported=${fallbackSupported}` +
-      `&senderTabId=${senderTabId}`;
+      `&senderTabId=${senderTabId}` +
+      `&senderUrl=${encodeURIComponent(senderWindow.url)}`;
 
-    return await this.openSingleActionPopout(senderWindowId, promptWindowPath, "fido2Popout", {
-      width: 200,
-      height: 500,
-    });
+    return await this.openSingleActionPopout(
+      senderWindow.windowId,
+      promptWindowPath,
+      "fido2Popout",
+      {
+        width: 200,
+        height: 500,
+      }
+    );
   }
 
   async closeFido2Popout(): Promise<void> {
diff --git a/apps/browser/src/vault/fido2/browser-fido2-user-interface.service.ts b/apps/browser/src/vault/fido2/browser-fido2-user-interface.service.ts
index e5b8a011363..4cd946a871e 100644
--- a/apps/browser/src/vault/fido2/browser-fido2-user-interface.service.ts
+++ b/apps/browser/src/vault/fido2/browser-fido2-user-interface.service.ts
@@ -333,7 +333,7 @@ export class BrowserFido2UserInterfaceSession implements Fido2UserInterfaceSessi
       )
     );
 
-    const popoutId = await this.browserPopoutWindowService.openFido2Popout(this.tab.windowId, {
+    const popoutId = await this.browserPopoutWindowService.openFido2Popout(this.tab, {
       sessionId: this.sessionId,
       senderTabId: this.tab.id,
       fallbackSupported: this.fallbackSupported,
diff --git a/apps/browser/src/vault/popup/components/fido2/fido2.component.ts b/apps/browser/src/vault/popup/components/fido2/fido2.component.ts
index bbf7e55ad77..fbba7a5a011 100644
--- a/apps/browser/src/vault/popup/components/fido2/fido2.component.ts
+++ b/apps/browser/src/vault/popup/components/fido2/fido2.component.ts
@@ -89,6 +89,7 @@ export class Fido2Component implements OnInit, OnDestroy {
       map((queryParamMap) => ({
         sessionId: queryParamMap.get("sessionId"),
         senderTabId: queryParamMap.get("senderTabId"),
+        senderUrl: queryParamMap.get("senderUrl"),
       }))
     );
 
@@ -97,7 +98,7 @@ export class Fido2Component implements OnInit, OnDestroy {
         concatMap(async ([queryParams, message]) => {
           this.sessionId = queryParams.sessionId;
           this.senderTabId = queryParams.senderTabId;
-
+          this.url = queryParams.senderUrl;
           // For a 'NewSessionCreatedRequest', abort if it doesn't belong to the current session.
           if (
             message.type === "NewSessionCreatedRequest" &&
@@ -145,8 +146,6 @@ export class Fido2Component implements OnInit, OnDestroy {
       concatMap(async (message) => {
         switch (message.type) {
           case "ConfirmNewCredentialRequest": {
-            const activeTabs = await BrowserApi.getActiveTabs();
-            this.url = activeTabs[0].url;
             const equivalentDomains = this.settingsService.getEquivalentDomains(this.url);
 
             this.ciphers = (await this.cipherService.getAllDecrypted()).filter(