1166998 - Run login capture code when a password field loses visibility on the page

Status: ASSIGNED

(Toolkit :: Password Manager, enhancement, P3)

Description

[Matthew N. [:MattN]]

Pages can use JS to handle logins instead of using form submission events and we should try to capture the saved values in those cases. One heuristic is if a password field is no longer visible in the page.

We can likely use a reflow observer or Mutation Observers/Events for this but whatever we use will likely need to have access to the removed element and the associated username field before it gets deleted.

Once we get notified by one of the above methods of a style change, we can use some tools to check visibility:
* GetBoundsWithoutFlushing or GetBoxQuad looking at the position (to see if it's offscreen) and dimensions (width and height == 0)
* ComputedStyle (recursively looking at element.parentNode) looking at display, visibility & opacity.

Some of these method above are less common and can be handled in follow-up bugs.

Some edge cases to consider:
* Low opacity values 0.1
* If handling visibility on screen, be careful on pages that have scrollbars as scrolling offscreen by the user shouldn't trigger a capture.
* Ensure we don't do visibility calculations when the frame is hidden as that may lead to false positives.
* We probably don't want to cause a second capture doorhanger to appear if the values were already captured via other methods (e.g. onbeforesubmit, removed fields (bug 1166995 or other heuristics).
* We probably don't want to display multiple capture doorhangers (replacing the previous one) when there were multiple password fields in the form losing visibility (e.g. a password change or registration form with double-entry) as the user may have already dismissed the first one and reopening would interrupt the user.