Show only domains that could plausibly match the site I'm viewing

[bkazez]

Versions

• Operating system: macOS 13.4 (22F66)
• Browser: 114.0.2 (64-bit)
• PassFF: 1.14.1
• Host app:

Status line output: [18:37:44] show -> (0) no error message

Steps to reproduce the issue

1. Add items www/digitalocean.com and www/digital.mybank.com
2. Navigate to digital.mybank.com

Actual behaviour

"Context" in passff shows both www/digitalocean.com and www/digital.mybank.com

Expected behaviour

passff should match domains in reverse DNS order and therefore show only digital.mybank.com.

Implications

This could create a situation where a user accidentally fills a bank password into an insecure site, just because the bank has "digital" as a subdomain and the insecure site includes that word in its domain name.

Related

#519

[tuxor1337]

Thanks for the suggestion! An option to have a stricter entry matching based on the domain only sounds reasonable and I will be happy to look into PRs in that direction.

[bkazez]

For example, my Home Depot password isn't relevant when looking at Nest: