Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[PM-2432][Build Artifacts] Account Switcher A11y #6558

Closed
wants to merge 6 commits into from
Closed

[PM-2432][Build Artifacts] Account Switcher A11y #6558

wants to merge 6 commits into from

Conversation

rr-bw
Copy link
Contributor

@rr-bw rr-bw commented Oct 11, 2023

Objective

PR to build artifacts for #5529

@patrickhlauke
Tweak account switcher button
a7743cc 
- if it opens a dialog, it should advertise this with `aria-haspopup="dialog"`, not `aria-haspopup="menu"`
- if it opens a dialog, the `aria-expanded` is pointless (as the user will never get back out into the underlying page to check if it's expanded or collapsed, since it's for a dialog not a disclosure widget or menu)
@patrickhlauke
Make two variants for button to sort out aria-label on logged-in case
c6c5576
@patrickhlauke
Remove aria-controls for button
0d82bba 
as it's a dialog that opens, not a disclosure, this is irrelevant
@patrickhlauke
Fix overlayPostition typo
91866d8
@patrickhlauke
Simplify approach
7ffa133 
just use existing single button, but add visually hidden extra "Switch account" to accName
@patrickhlauke
Tweak account switch buttons in dialog/dropdown
1fb80ac 
* Take out the confusing "Logged in as..." a11y text
* Use visible button text (with a few extra `sr-only` parts, for readability) as the button's accName
* Add the "Switch account" context to each of the buttons to make clear what they do
@rr-bw rr-bw added the hold do not merge, do not approve yet label Oct 11, 2023
@rr-bw rr-bw requested a review from a team as a code owner October 11, 2023 18:40
@github-actions github-actions bot added the needs-qa Marks a PR as requiring QA approval label Oct 11, 2023
@bitwarden-bot
Copy link

Logo
Checkmarx One – Scan Summary & Detailsd742d4c0-2ed0-4554-970b-22867b2237e4

New Issues

Severity Issue Source File / Package Checkmarx Insight
MEDIUM Client_Privacy_Violation /apps/browser/src/background/runtime.background.ts: 226 Attack Vector
MEDIUM Client_Privacy_Violation /apps/web/src/app/vault/components/password-reprompt.component.html: 23 Attack Vector
MEDIUM Client_Privacy_Violation /apps/desktop/src/vault/app/components/password-reprompt.component.html: 19 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/vault/popup/components/password-reprompt.component.html: 17 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/vault/popup/components/vault/view.component.html: 662 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/vault/popup/components/vault/view.component.html: 80 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/vault/popup/components/vault/view.component.html: 76 Attack Vector
MEDIUM Client_Privacy_Violation /apps/browser/src/vault/popup/components/vault/view.component.html: 70 Attack Vector
LOW Client_Weak_Cryptographic_Hash /libs/common/src/services/webCryptoFunction.service.ts: 139 Attack Vector
LOW Client_Weak_Cryptographic_Hash /libs/common/src/services/webCryptoFunction.service.ts: 139 Attack Vector
LOW Use_Of_Hardcoded_Password /libs/common/src/vault/models/domain/password.spec.ts: 58 Attack Vector
LOW Use_Of_Hardcoded_Password /libs/common/src/models/domain/enc-string.ts: 63 Attack Vector
LOW Use_Of_Hardcoded_Password /libs/common/src/models/domain/enc-string.ts: 58 Attack Vector
LOW Use_Of_Hardcoded_Password /libs/common/src/models/domain/enc-string.ts: 56 Attack Vector
LOW Use_Of_Hardcoded_Password /libs/common/src/models/domain/enc-string.ts: 56 Attack Vector
LOW Use_Of_Hardcoded_Password /apps/cli/src/auth/commands/login.command.ts: 144 Attack Vector
LOW Use_Of_Hardcoded_Password /apps/cli/src/auth/commands/login.command.ts: 143 Attack Vector
LOW Use_Of_Hardcoded_Password /apps/cli/src/auth/commands/login.command.ts: 142 Attack Vector
LOW Use_Of_Hardcoded_Password /apps/cli/src/auth/commands/login.command.ts: 446 Attack Vector
LOW Use_Of_Hardcoded_Password /apps/cli/src/auth/commands/login.command.ts: 408 Attack Vector
LOW Use_Of_Hardcoded_Password /apps/cli/src/auth/commands/login.command.ts: 545 Attack Vector
LOW Use_Of_Hardcoded_Password /apps/cli/src/auth/commands/login.command.ts: 528 Attack Vector
LOW Use_Of_Hardcoded_Password /apps/cli/src/auth/commands/login.command.ts: 503 Attack Vector
LOW Use_Of_Hardcoded_Password /apps/cli/src/auth/commands/login.command.ts: 503 Attack Vector
LOW Use_Of_Hardcoded_Password /apps/cli/src/auth/commands/login.command.ts: 497 Attack Vector
LOW Use_Of_Hardcoded_Password /apps/cli/src/auth/commands/login.command.ts: 486 Attack Vector
LOW Use_Of_Hardcoded_Password /apps/cli/src/auth/commands/login.command.ts: 486 Attack Vector
LOW Use_Of_Hardcoded_Password /apps/cli/src/auth/commands/login.command.ts: 490 Attack Vector
LOW Use_Of_Hardcoded_Password /apps/cli/src/auth/commands/login.command.ts: 489 Attack Vector
LOW Use_Of_Hardcoded_Password /libs/common/src/vault/models/domain/login.spec.ts: 112 Attack Vector
LOW Use_Of_Hardcoded_Password /libs/common/src/models/domain/enc-string.ts: 63 Attack Vector
LOW Use_Of_Hardcoded_Password /libs/common/src/models/domain/enc-string.ts: 58 Attack Vector
LOW Use_Of_Hardcoded_Password /libs/common/src/models/domain/enc-string.ts: 56 Attack Vector
LOW Use_Of_Hardcoded_Password /libs/common/src/models/domain/enc-string.ts: 56 Attack Vector
LOW Use_Of_Hardcoded_Password /libs/common/src/services/web-crypto-function.service.spec.ts: 368 Attack Vector
LOW Use_Of_Hardcoded_Password /libs/common/src/auth/login-strategies/password-login.strategy.spec.ts: 30 Attack Vector
LOW Use_Of_Hardcoded_Password /apps/cli/src/utils.ts: 245 Attack Vector
LOW Use_Of_Hardcoded_Password /apps/cli/src/utils.ts: 239 Attack Vector
LOW Use_Of_Hardcoded_Password /apps/cli/src/utils.ts: 238 Attack Vector
LOW Use_Of_Hardcoded_Password /apps/cli/src/utils.ts: 237 Attack Vector
LOW Use_Of_Hardcoded_Password /apps/cli/src/tools/generate.command.ts: 60 Attack Vector
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/browser/main-context-menu-handler.spec.ts: 94 Attack Vector
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/content/notification-bar.ts: 534 Attack Vector
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/content/notification-bar.ts: 534 Attack Vector
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/content/notification-bar.ts: 528 Attack Vector
LOW Use_Of_Hardcoded_Password /libs/node/src/services/node-crypto-function.service.spec.ts: 305 Attack Vector
LOW Use_Of_Hardcoded_Password /libs/common/src/vault/services/cipher.service.ts: 128 Attack Vector
LOW Use_of_Broken_or_Risky_Cryptographic_Algorithm /apps/browser/src/autofill/browser/main-context-menu-handler.spec.ts: 126 Attack Vector
LOW Use_of_Broken_or_Risky_Cryptographic_Algorithm /libs/node/src/services/node-crypto-function.service.ts: 23 Attack Vector

Fixed Issues

Severity Issue Source File / Package
HIGH Client_DOM_Code_Injection /apps/browser/src/autofill/services/collect-autofill-content.service.ts: 953
MEDIUM Client_Privacy_Violation /apps/browser/src/background/runtime.background.ts: 295
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/services/collect-autofill-content.service.spec.ts: 171
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/services/collect-autofill-content.service.spec.ts: 170
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/services/collect-autofill-content.service.spec.ts: 169
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/services/collect-autofill-content.service.spec.ts: 82
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/services/collect-autofill-content.service.spec.ts: 81
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/services/collect-autofill-content.service.spec.ts: 80
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/services/collect-autofill-content.service.spec.ts: 177
MEDIUM Client_Privacy_Violation /apps/browser/src/autofill/services/collect-autofill-content.service.spec.ts: 87
LOW Client_Password_In_Comment /apps/browser/src/autofill/services/autofill.service.ts: 330
LOW Client_Password_In_Comment /libs/angular/src/auth/components/two-factor.component.ts: 301
LOW Client_Password_In_Comment /libs/angular/src/auth/components/two-factor.component.ts: 263
LOW Client_Password_In_Comment /libs/angular/src/auth/components/sso.component.ts: 280
LOW Client_Password_In_Comment /libs/angular/src/auth/components/sso.component.ts: 230
LOW Client_Password_In_Comment /apps/browser/src/autofill/services/insert-autofill-content.service.ts: 51
LOW Client_Password_In_Comment /apps/web/src/app/vault/org-vault/vault.component.ts: 598
LOW Client_Password_In_Comment /apps/web/src/app/vault/individual-vault/vault.component.ts: 603
LOW Client_Password_In_Comment /libs/exporter/src/vault-export/bitwarden-json-export-types.ts: 40
LOW Client_Weak_Cryptographic_Hash /libs/common/src/platform/services/web-crypto-function.service.ts: 142
LOW Client_Weak_Cryptographic_Hash /libs/common/src/platform/services/web-crypto-function.service.ts: 142
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 36
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 33
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 32
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 28
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 27
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 26
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 25
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 24
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 23
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 22
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 21
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 20
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 19
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 18
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 17
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 16
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 13
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 36
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 33
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 32
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 28
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 27
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 26
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 25
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 24
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 23
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 22
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 21
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 20
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 19
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 18
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 17
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 16
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 13
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 36
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 33
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 32
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 28
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 27
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 26
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 25
LOW Use_Of_Hardcoded_Password /apps/browser/src/autofill/jest/autofill-mocks.ts: 24
LOW Use_Of_Hardcoded_Password

More results are available on AST platform

@rr-bw rr-bw changed the title [PM-2432][Community] Account Switcher A11y (Build Artifacts) [PM-2432][Build Artifacts] Account Switcher A11y Oct 11, 2023
@rr-bw rr-bw closed this Oct 31, 2023
@rr-bw rr-bw deleted the community/pm-2432/account-switcher-a11y branch October 31, 2023 17:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
hold do not merge, do not approve yet needs-qa Marks a PR as requiring QA approval
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@rr-bw @bitwarden-bot @patrickhlauke