Closed Bug 1485105 Opened 3 years ago Closed 3 years ago
Update credit card number validation
46 bytes, text/x-phabricator-request
|Details | Review|
The valid range of credit card number (PAN) digit lengths varies from card network to network. For simplicity's sake, we should accept anything from 12-19 While most numbers are still 16 digits, Mastercard and others are now issuing 19 digit PANs, Maestro numbers can be anywhere from 12 to 19 digits long.
Priority: -- → P3
Whiteboard: [webpayments-reserve] [triage]
Priority: P3 → --
Whiteboard: [webpayments-reserve] [triage] → [webpayments] [triage]
Priority: -- → P3
QA Contact: hani.yacoub
Whiteboard: [webpayments] [triage] → [webpayments-reserve]
Priority: P3 → P2
Whiteboard: [webpayments-reserve] → [webpayments]
I pushed a change to try to flush out any non-obvious (test) ramifications to the proposed change: https://treeherder.mozilla.org/#/jobs?repo=try&revision=df47bd264f8c5e4fa4285d621a593672f5334a23 tldr; unless I missed an important test suite, the xpcshell tests for CreditCard.jsm seem to be the only place we have test coverage for what digit lengths are considered valid.
Assignee: nobody → sfoster
Status: NEW → ASSIGNED
Priority: P2 → P1
(In reply to Sam Foster [:sfoster] from comment #2) > I pushed a change to try to flush out any non-obvious (test) ramifications > to the proposed change: > https://treeherder.mozilla.org/#/ > jobs?repo=try&revision=df47bd264f8c5e4fa4285d621a593672f5334a23 > > tldr; unless I missed an important test suite, the xpcshell tests for > CreditCard.jsm seem to be the only place we have test coverage for what > digit lengths are considered valid. New patch, new push: https://treeherder.mozilla.org/#/jobs?repo=try&revision=daa80405bd827c8bde86a7cc1ebb39295ca102b7&selectedJob=204605883
Pushed by firstname.lastname@example.org: https://hg.mozilla.org/integration/autoland/rev/e702628b7c51 Allow 12-19 digit length card numbers. r=MattN
Backed out changeset e702628b7c51 (bug 1485105) for test_form_submission.html failures push that caused the backout: https://treeherder.mozilla.org/#/jobs?repo=autoland&resultStatus=testfailed%2Cbusted%2Cexception&classifiedState=unclassified&selectedJob=204637938&revision=e702628b7c514789f8372ac593da4ea9b445b7e2 failures: https://treeherder.mozilla.org/#/jobs?repo=autoland&resultStatus=testfailed,busted,exception&classifiedState=unclassified&revision=e702628b7c514789f8372ac593da4ea9b445b7e2&failure_classification_id=2 backout: https://hg.mozilla.org/integration/autoland/rev/9605a2bb0c596ed1badeead50ebd3f47d8378d6f
Pushed by email@example.com: https://hg.mozilla.org/integration/autoland/rev/31313cac4517 Allow 12-19 digit length card numbers. r=MattN
Clearing need-info. Thanks for the backout :andrei_ciure_, this has since been fixed and re-landed.
Backed out for causing Bug 1498071. Recent failure log of Bug 1498071 : https://treeherder.mozilla.org/logviewer.html#?job_id=205348891&repo=mozilla-inbound&lineNumber=2718
Backout by firstname.lastname@example.org: https://hg.mozilla.org/mozilla-central/rev/b6abd17c078b Backed out changeset 31313cac4517 for causing Bug1498071. a=backout
Sigh. Another case of Date.now() being intepretted as a potentially-valid credit card number in an input field. Thanks for spotting and backing out. I have an updated patch with this and another similar issue fixed. Try push: https://treeherder.mozilla.org/#/jobs?repo=try&revision=d7704a8a1afa472b4d144be39a28f933f8cef9bd
I've gone through searchfox results for Date.now() looking for cases where it is used as input into a text field - and where that value is expected to be saved for later autofill or session restore. In these cases Date.now() is just being used as a way of getting arbitrary and random-ish characters, so .toString(16) works to accomplish the same goal and not produce a value that looks like a credit card number. That try push looks good in the sense that I didn't break any tests. Its hard to know I've got all the new intermittents without a lot more data though.
Pushed by email@example.com: https://hg.mozilla.org/integration/autoland/rev/583d689d630e Allow 12-19 digit length card numbers. r=MattN
Verified - Fixed on latest Nightly 65.0a1 (2018-10-24) on Windows 7/10, Ubuntu 16.04. and Mac OS 10.13. Number validation accepts credit card numbers with the length of 12-19 digits.
You need to log in before you can comment on or make changes to this bug.