Closed Bug 1360694 Opened 8 years ago Closed 7 years ago

[Form Autofill] Cap the length of profile fields saved in storage

Tracking

()

Status:

RESOLVED FIXED

Milestone:

mozilla58

Tracking Flags:

Tracking

Status

firefox57

---

fixed

firefox58

---

fixed

People

(Reporter: MattN, Assigned: lchang)

References

(Blocks 1 open bug)

Details

(Whiteboard: [form autofill:MVP])

Attachments

(2 files)

WIP patch 7 years ago Matthew N. [:MattN] 2.48 KB, patch		Details \| Diff \| Splinter Review
Bug 1360694 - [Form Autofill] Cap the length of profile fields saved in storage. 7 years ago Luke Chang [:lchang] (inactive) 59 bytes, text/x-review-board-request	ralin : review+ ritu : approval-mozilla-beta+	Details

Matthew N. [:MattN]

Reporter

Description

•

8 years ago

Similar to bug 488796, we shouldn't save huge fields in autofill storage since we don't ask to save each profile.

Ray Lin[:ralin]

Updated

•

7 years ago

Assignee: nobody → ralin

Status: NEW → ASSIGNED

Ray Lin[:ralin]

Comment 1

•

7 years ago

Unassign myself as MattN has a ready-made patch for this :D

Assignee: ralin → nobody

Status: ASSIGNED → NEW

Matthew N. [:MattN]

Reporter

Updated

•

7 years ago

Assignee: nobody → MattN+bmo

Status: NEW → ASSIGNED

Luke Chang [:lchang] (inactive)

Assignee

Comment 2

•

7 years ago

Hi Matt, I'd like to take over this bug if you don't mind.

Assignee: MattN+bmo → lchang

Status: ASSIGNED → NEW

Matthew N. [:MattN]

Reporter

Comment 3

•

7 years ago

Attached patch WIP patch — Details — Splinter Review

Luke Chang [:lchang] (inactive)

Assignee

Comment 4

•

7 years ago

Matt, Thanks.

Blocks: fx-form-autofill

Status: NEW → ASSIGNED

status-firefox57: --- → affected

status-firefox58: --- → affected

Priority: -- → P5

Comment hidden (mozreview-request)

Luke Chang [:lchang] (inactive)

Assignee

Comment 6

•

7 years ago

Ray, Would you mind taking a look at this patch (since you once studied it)? Thanks.

Ray Lin[:ralin]

Comment 7

•

7 years ago

mozreview-review

Comment on attachment 8919993 [details] Bug 1360694 - [Form Autofill] Cap the length of profile fields saved in storage. https://reviewboard.mozilla.org/r/190942/#review196142 LGTM, thanks. few minor comments, but not big deal. ::: browser/extensions/formautofill/FormAutofillHandler.jsm:691 (Diff revision 1) > log.debug("No address record saving since there are only", > Object.keys(data.address.record).length, > "usable fields"); maybe we can make these lines in the same indent level ::: browser/extensions/formautofill/FormAutofillUtils.jsm:31 (Diff revision 1) > "givenName", "additionalName", "familyName", "organization", "streetAddress", > "state", "province", "city", "country", "zip", "postalCode", "email", "tel", > ]; > const MANAGE_CREDITCARDS_KEYWORDS = ["manageCreditCardsTitle", "addNewCreditCardTitle", "showCreditCardsBtnLabel"]; > const EDIT_CREDITCARD_KEYWORDS = ["cardNumber", "nameOnCard", "cardExpires"]; > +const MAX_FIELD_VALUE_LENGTH = 200; A comment would be a plus to clarify its usage.

Attachment #8919993 - Flags: review?(ralin) → review+

Luke Chang [:lchang] (inactive)

Assignee

Comment 8

•

7 years ago

mozreview-review-reply

Comment hidden (mozreview-request)

Pulsebot

Comment 10

•

7 years ago

Pushed by lchang@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/72cce53ae7fd [Form Autofill] Cap the length of profile fields saved in storage. r=ralin

Sebastian Hengst [:aryx] (needinfo me if it's about an intermittent or backout)

Comment 11

•

7 years ago

bugherder

https://hg.mozilla.org/mozilla-central/rev/72cce53ae7fd

Status: ASSIGNED → RESOLVED

Closed: 7 years ago

status-firefox58: affected → fixed

Resolution: --- → FIXED

Target Milestone: --- → mozilla58

Luke Chang [:lchang] (inactive)

Assignee

Comment 12

•

7 years ago

Comment on attachment 8919993 [details] Bug 1360694 - [Form Autofill] Cap the length of profile fields saved in storage. Approval Request Comment [Feature/Bug causing the regression]: Feature. [User impact if declined]: A potential risk that users' disks might be filled by malicious data. [Is this code covered by automated tests?]: Yes. [Has the fix been verified in Nightly?]: Verified locally. [Needs manual test from QE? If yes, steps to reproduce]: No. [List of other uplifts needed for the feature/fix]: N/A [Is the change risky?]: No. [Why is the change risky/not risky?]: Just added a check for string length. [String changes made/needed]: N/A

Attachment #8919993 - Flags: approval-mozilla-beta?

Ritu Kothari (:ritu) (Inactive, please n-i to RyanVM, jcristau, or pascal)

Comment 13

•

7 years ago

Comment on attachment 8919993 [details] Bug 1360694 - [Form Autofill] Cap the length of profile fields saved in storage. Must fix, Beta57+

Attachment #8919993 - Flags: approval-mozilla-beta? → approval-mozilla-beta+

Ryan VanderMeulen [:RyanVM]

Comment 14

•

7 years ago

bugherder uplift

https://hg.mozilla.org/releases/mozilla-beta/rev/6273b5da0f81

status-firefox57: affected → fixed

Flags: in-testsuite+

Andrei Vaida [:avaida]

Comment 15

•

7 years ago

(In reply to Luke Chang [:lchang] from comment #12) > [Is this code covered by automated tests?]: Yes. > [Has the fix been verified in Nightly?]: Verified locally. > [Needs manual test from QE? If yes, steps to reproduce]: No. Setting qe-verify- based on Luke's assessment on manual testing needs and the fact that this fix has automated coverage.

Flags: qe-verify-

You need to log in before you can comment on or make changes to this bug.