XuJiacheng/Xu_BrowserBookmark
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
9abcab2c6a5f30ff607a05c425fe8302906f93d9
Xu_BrowserBookmark/openspec/specs/password-manager/spec.md

2.5 KiB
Raw Blame History

Capability: Password Manager

Purpose

Define password-manager behavior across the extension and web UI.

Requirements

Requirement: Extension save prompt

The extension SHALL prompt the user to save credentials when a login form is detected and submitted.

Scenario: Save confirmed

  • WHEN the user confirms “保存/记住密码” in the prompt
  • THEN the extension sends the credential to the server for storage

Scenario: Save canceled

  • WHEN the user cancels or dismisses the prompt
  • THEN the extension MUST NOT store the credential

Scenario: Save prompt suppressed for matching credential

  • GIVEN a previously saved credential for the same siteOrigin and username
  • WHEN the user submits the same password
  • THEN the save prompt is not shown

Scenario: Save prompt update for password change

  • GIVEN a previously saved credential for the same siteOrigin and username
  • WHEN the user submits a different password
  • THEN the prompt message indicates a password update

Scenario: Save prompt for new username

  • GIVEN a site with saved credentials
  • WHEN the user submits a username that does not exist
  • THEN the prompt message indicates a new account

Requirement: Extension autofill selector

The extension SHALL show a credential selector near login fields for sites with saved accounts.

Scenario: Select credential

  • GIVEN a site with multiple saved credentials
  • WHEN the user opens the selector and chooses one
  • THEN the username and password fields are filled with that credential

Requirement: Web password manager (desktop only)

The web app SHALL provide a desktop-only password manager view.

Scenario: Desktop view

  • WHEN the user visits the password manager page on desktop
  • THEN the page is visible and provides list/edit/delete

Scenario: Mobile view hidden

  • WHEN the user visits the password manager page on mobile
  • THEN the page is hidden or redirects to a notice page

Requirement: Plaintext visibility control

The system SHALL allow a user to reveal plaintext passwords for their own credentials during the current browser session.

Scenario: User reveals plaintext

  • GIVEN a non-admin user
  • WHEN the user chooses to reveal plaintext
  • THEN the UI shows plaintext passwords during the current browser session

Scenario: Admin view

  • GIVEN an admin user
  • WHEN the admin views credentials
  • THEN plaintext is visible
Reference in New Issue View Git Blame Copy Permalink