I propose a new (default) URI Match Detection logic:
Show in descending order:
exact hits
starts with
host
base domain
It could be called “Automatic” match detection.
Example:
Logins in bitwarden:
- university.org
- sub1.university.org
- sub2.university.org
Result for https:// sub1.university.org/:
1) sub1.university.org # host
2) university.org # base
2) sub2.university.org # base
(Maybe another few lines of code could rank university.org before sub2.university.org in this example.)
It would solve this issue of mine:
My default match detection scheme is “Base domain”, which works fine with 90 % of my logins. The remaining 10 % (still about 100 logins!) are sites with different subdomains and logins, but the same base domain (my university, for example, where I have 17 entries). There, I must manually change to “Host”.
If this algorithm were the default, I would never have to change these settings. The wrong logins would be displayed, but the correct one would always be the top result.
The current options allow you to get the exact matches you need. I wouldn’t want to see any results that don’t meet the match detection criteria I’ve set. If a vault entry is set to “host” match detection, I definitely wouldn’t want to see results that don’t match the exact host.
I think this is a very interesting idea, but I share @danmullen’s concern as well. Specifically in the case the OP mentions (17 distinct sub-domains/URIs and 100 credentials), the proposed search could yield an overwhelming number of hits returned to the user.
I suggest that if URI match detection will incorporate rules-based logic, then the logic should be complete. Specifically, if a higher-order match is made, then no further matches should be returned; otherwise, cascade the search down to the next search level.
For example, given this search order for a query:
exact hits
starts with
host
base domain
Logic: if an ‘exact hit’ is matched, then only that result is returned and the search is complete. If not, move to a ‘starts with’ search and return all matches. If no ‘starts with’ matches are found, move to ‘host’ matches, etc.
On mobile, I’ve noticed that if you don’t have an exact match it does actually give you some suggestions. For example, if you have some credentials saved for a website but don’t have the app package name set up as one of the URIs to match against, it does often show the correct credentials as a suggestion.