Possibility to use wildcards in Inline Autofill Popup Menu blocklist

[Mokaraa]

Hello Enpass!

First of all, thanks for updating the browser extension, it's a really amazing tool now!
I just have one tiny question, maybe I missed it in my search on Google and around the forums here, maybe I just miss something, I don't know.
But I was wondering if it's possible to use wildcards in the Inline Autofill Popup Menu blocklist.

Reason being is I also use Enpass for my personal accounts at work (like the password for my business e-mail account), where we also have another password manager for the business wide password credentials (sensitive internal information, internal credentials etc).
On our dev environments, I have two passwords managers that would like to be used, the URLs are quite the same, like appXX.dev.domain.tld.
In this case, it would be useful to just add *.dev.domain.tld on the blocklist, but it seems it doesn't do anything currently and it would be amazing if it did!

Keep up the great work you're doing, I really love using Enpass! Thanks for making me forget my passwords!

Kind regards,
Mokaraa

Edited January 20, 2022 by Mokaraa
Spellingcorrections

[apolzon]

The extension definitely seems to _think_ it can handle wildcards, as if you enter a URL like localhost/* it converts it to localhost/*.* -- trouble is, it still doesn't work. would definitely be a HUGE help if this could get fixed!

[Abhishek Dewan]

Hi @apolzon

Welcome to the Enpass Forums.

Kindly share the below details with me and I'll have this investigated for you.

1. The version of the Enpass app, OS, Enpass Extension and browser you are using.
2. The URL of webpages where entering the wildcards are not working for you.

[Tobl]

Hi, I also have the problem that the wildcard does not work.

versions:

• OS: OSX 13.5.1 
• Enpass App: 6.9.0
• Browser Extension 6.8.6
• Browser: Chrome 116.0.5845.110 (arm64)

 

to reproduce:

configuration of exact hostname matching is not active

Website: https://discussion.enpass.io

URL pattern which work:

• https://discussion.enpass.io
• enpass.io

URL pattern which not work:

• .enpass.io
• *.enpass.io
• https://*.enpass.io
• https://dis*.enpass.io
• https://discussi*.enpass.io

 

Kind regards

Edited September 5, 2023 by Tobl
added missing version

[Abhishek Dewan]

Hi @Tobl

Thank you for sharing the details.

Could you please also confirm the version of the Enpass browser Extension you are using?

[Tobl]

updated my previous post but it did not work with older versions either

Edited September 5, 2023 by Tobl

[Abhishek Dewan]

Hi @Tobl

Thank you for sharing the details.

I am currently in active discussions regarding your case with our specialized team, and I will promptly provide you with an update. Your cooperation and patience during this interim period are greatly valued.

#SI-3466

[Mokaraa]

Hi! Sorry for the very late response, but this issue still remains.
I have had this issue on both the latest versions of Windows 10 and Windows 11 (currently at 22H2, 22621.2134), using the latest Enpass from the Microsoft Store (currently 6.9.0 (1466)). For browser I have this issue independent of versions, currently at least with version 117, but had the issue with older versions as well (dating back to when I started the topic). The browser extension is version 6.8.8.

For pattern, I try to have something like this being wildcarded, but doesn't work: https://*.dev.domain.tld.

Edited September 8, 2023 by Mokaraa

[Abhishek Dewan]

Hi @Mokaraa

Thank you for sharing the details.

I have forwarded your comments to our team for further testing and analysis.

[Abhishek Dewan]

Hi @Tobl

Following a meticulous analysis of the reported issue, I'd like to communicate our findings with you -

To block the example URL "discussion.enpass.io":

You can use the following regex pattern: discussion.enpass.io. This will block only the exact URL "discussion.enpass.io."

To block all subdomains of "https://www.enpass.io/" , i.e, any.enpass.io, another.enpass.io, etc.:

You can use the following regex pattern: *.enpass.io

This will block all subdomains of "https://www.enpass.io/".

To block nested paths under "https://www.enpass.io/" (e.g., "enpass.io/login/" or "enpass.io/signup/"):

You can use the following regex pattern: enpass.io/**

This will block any URL paths under "https://www.enpass.io/" including nested paths.

However, we have identified certain issues with specific regex patterns, which are as follows:

1. Patterns like "https://*.dev.domain.tld" with wildcard usage in this format

2. Regex patterns such as "localhost/*" for blocking URLs under "localhost".

Our dedicated team is now working on resolving this issue and these will be patched in a future update. Your patience in the meantime is greatly appreciated.

[Mokaraa]

@Abhishek DewanIs there any update?

[Abhishek Dewan]

Hi @Mokaraa

I kindly ask you to please review my post from September 13th. Our development team is actively addressing the issues related to specific regex patterns, and as soon as a patch is available, I will promptly update this forum. Your patience is greatly appreciated during this time.

[Tobl]

Hi @Abhishek Dewan,
some answers to your findings.

URL pattern: discussion.enpass.io

Result: Password suggestion is shown for https://discussion.enpass.io/

 

And just to be clear, I don't want the wildcards to block URLs, they should match them 

URL pattern: *.enpass.io

expected behavior: 

• match:
  • www.enpass.io
  • discussion.enpass.io
  • anything-else.anpass.io

• should not match:
  • enpass.io
     

URL pattern: test*.enpass.io

expected behavior: 

• match:
  • test-foo.enpass.io
  • test-bar.enpass.io
  • test-anything-else.anpass.io

• should not match:
  • dev-test.enpass.io
  • www.enpass.io
  • discussion.enpass.io
  • www.discussion.enpass.io

[Abhishek Dewan]

Hi @Tobl

We appreciate your feedback, and I want to assure you that we have taken note of it. I have promptly shared your input with our development team to help us make future improvements. Your patience during this process is genuinely valued.