Closed Bug 1485105 Opened 2 years ago Closed 2 years ago

Update credit card number validation

Categories

(Toolkit :: Form Autofill, enhancement, P1)

enhancement

Tracking

()

VERIFIED FIXED
mozilla64
Tracking Status
firefox64 --- verified

People

(Reporter: sfoster, Assigned: sfoster)

References

Details

(Whiteboard: [webpayments])

Attachments

(1 file)

The valid range of credit card number (PAN) digit lengths varies from card network to network. For simplicity's sake, we should accept anything from 12-19 While most numbers are still 16 digits, Mastercard and others are now issuing 19 digit PANs, Maestro numbers can be anywhere from 12 to 19 digits long.
Priority: -- → P3
Whiteboard: [webpayments-reserve] [triage]
Priority: P3 → --
Whiteboard: [webpayments-reserve] [triage] → [webpayments] [triage]
Flags: qe-verify+
Priority: -- → P3
QA Contact: hani.yacoub
Whiteboard: [webpayments] [triage] → [webpayments-reserve]
Duplicate of this bug: 1492129
Priority: P3 → P2
Whiteboard: [webpayments-reserve] → [webpayments]
I pushed a change to try to flush out any non-obvious (test) ramifications to the proposed change: https://treeherder.mozilla.org/#/jobs?repo=try&revision=df47bd264f8c5e4fa4285d621a593672f5334a23

tldr; unless I missed an important test suite, the xpcshell tests for CreditCard.jsm seem to be the only place we have test coverage for what digit lengths are considered valid.
Assignee: nobody → sfoster
Status: NEW → ASSIGNED
Priority: P2 → P1
(In reply to Sam Foster [:sfoster] from comment #2)
> I pushed a change to try to flush out any non-obvious (test) ramifications
> to the proposed change:
> https://treeherder.mozilla.org/#/
> jobs?repo=try&revision=df47bd264f8c5e4fa4285d621a593672f5334a23
> 
> tldr; unless I missed an important test suite, the xpcshell tests for
> CreditCard.jsm seem to be the only place we have test coverage for what
> digit lengths are considered valid.

New patch, new push: https://treeherder.mozilla.org/#/jobs?repo=try&revision=daa80405bd827c8bde86a7cc1ebb39295ca102b7&selectedJob=204605883
Pushed by sfoster@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/e702628b7c51
Allow 12-19 digit length card numbers. r=MattN
Pushed by sfoster@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/31313cac4517
Allow 12-19 digit length card numbers. r=MattN
https://hg.mozilla.org/mozilla-central/rev/31313cac4517
Status: ASSIGNED → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla64
Clearing need-info. Thanks for the backout :andrei_ciure_, this has since been fixed and re-landed.
Flags: needinfo?(sfoster)
Backed out for causing Bug 1498071.

Recent failure log of Bug 1498071 : https://treeherder.mozilla.org/logviewer.html#?job_id=205348891&repo=mozilla-inbound&lineNumber=2718
Status: RESOLVED → REOPENED
Flags: needinfo?(sfoster)
Resolution: FIXED → ---
Target Milestone: mozilla64 → ---
Backout by nbeleuzu@mozilla.com:
https://hg.mozilla.org/mozilla-central/rev/b6abd17c078b
Backed out changeset 31313cac4517 for causing Bug1498071. a=backout
Status: REOPENED → ASSIGNED
Sigh. Another case of Date.now() being intepretted as a potentially-valid credit card number in an input field. Thanks for spotting and backing out. I have an updated patch with this and another similar issue fixed. 

Try push: 
https://treeherder.mozilla.org/#/jobs?repo=try&revision=d7704a8a1afa472b4d144be39a28f933f8cef9bd
Flags: needinfo?(sfoster)
I've gone through searchfox results for Date.now() looking for cases where it is used as input into a text field - and where that value is expected to be saved for later autofill or session restore. In these cases Date.now() is just being used as a way of getting arbitrary and random-ish characters, so .toString(16) works to accomplish the same goal and not produce a value that looks like a credit card number. 

That try push looks good in the sense that I didn't break any tests. Its hard to know I've got all the new intermittents without a lot more data though.
Pushed by sfoster@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/583d689d630e
Allow 12-19 digit length card numbers. r=MattN
https://hg.mozilla.org/mozilla-central/rev/583d689d630e
Status: ASSIGNED → RESOLVED
Closed: 2 years ago2 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla64
Verified - Fixed on latest Nightly 65.0a1 (2018-10-24) on Windows 7/10, Ubuntu 16.04. and Mac OS 10.13.
Number validation accepts credit card numbers with the length of 12-19 digits.
Status: RESOLVED → VERIFIED
Flags: qe-verify+
You need to log in before you can comment on or make changes to this bug.