Closed Bug 23812 Opened 25 years ago Closed 25 years ago

"SS - Shoe Size, Social Security" problem

Categories

(Toolkit :: Form Manager, defect, P3)

Product:
Toolkit
Component:
Form Manager
Platform:
x86
Windows NT
Type:
defect

Tracking

()

Status:
VERIFIED FIXED

People

(Reporter: kevinyen, Unassigned)

Details

As we discussed, need a way to handle field names across sites, with examples
such as SS and ACCT.

thx,
kevin
Because of the possible security/privacy related ramifications, a
proposal/solution for this needs to be in place before we can push it in for
Beta 1.  The actual fix could come later (but of course, in time for beta 1).

thx,
kevin
Status: NEW → ASSIGNED
Target Milestone: M14
Target Milestone: M14 → M13
OK, you've convinced me.  I see the security flaw.

But now we have to add a lot of new entries to the universal field-to-schema
table.  In particular, for every schema name we'll need an entry of the form:

   name.first -> name.first
   name.last -> name.last

etc.  Previously these names would be universal across all forms simply by
the nature of the dynamic schema mechanism.  But now dynamic schema will
apply only to a particular form so it can be refilled in again when returned
to but will no longer be applied accross forms.

I have a fix in hand and will be checking it in just as soon as I get a code
review.  I'll also check in an expanded field-to-schema table.
Status: ASSIGNED → RESOLVED
Closed: 25 years ago
Resolution: --- → FIXED
Fix checked in.  Changes were in wallet.cpp and FieldSchema.tbl
verif...
Status: RESOLVED → VERIFIED
Assignee: morse → nobody
Product: Core → Toolkit
QA Contact: bugzilla → form.manager
Target Milestone: M13 → ---
Version: Trunk → unspecified
You need to log in before you can comment on or make changes to this bug.