Closed
Bug 596093
Opened 14 years ago
Closed 14 years ago
Do not allow email addresses as the username
Categories
(Firefox :: Sync, defect)
Firefox
Sync
Tracking
()
VERIFIED
FIXED
People
(Reporter: st3fan, Assigned: philikon)
References
Details
Attachments
(1 file, 1 obsolete file)
8.37 KB,
patch
|
mconnor
:
review+
|
Details | Diff | Splinter Review |
I have installed tip of fx-sync as of september 13th in firefox 4.0b6. I am also running tarek's last Python server locally on my Mac.
I can succesfully register with an email address as my username. I see this in the request log:
127.0.0.1 - - [13/Sep/2010:14:16:40 -0400] "PUT /user/1.0/2d6xkt6ofzsb7xqqwxeffkm7wsqygorv HTTP/1.1" 200 32 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:2.0b6pre) Gecko/20100913 Firefox/4.0b6pre"
But then when I try to sync I see this:
127.0.0.1 - - [13/Sep/2010:14:16:45 -0400] "GET /user/1.0/stefan%40arentz.ca/node/weave HTTP/1.1" 404 154 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:2.0b6pre) Gecko/20100913 Firefox/4.0b6pre"
The request is denied because the email address is not hashed to a username.
Reporter | ||
Comment 1•14 years ago
|
||
To be more precise, this is the version that I have used:
20:27:30 Mozilla/fx-sync % hg summary
parent: 3035:e39d258053ee tip
Added tag 1.5b3 for changeset df21bab96ce7
Assignee | ||
Comment 2•14 years ago
|
||
Well yeah, when you install the add-on on Firefxo 4.0b, it doesn't actually use the add-on UI because Firefox 4.0b already has UI for Sync. And that UI stil asks you for a separate username doesn't it? So no hashing etc. going on here yet. That means if you want to test this new email-address-only feature, you want to use Firefox 3.6 where you see the add-on UI which no longer asks for a separate username.
That said, it shouldn't accept any weird characters for the user name, such as @, right now. I think the problem is that we never really implemented any client side checks. I'll see if we can make sure that at least your problem won't be happen.
Assignee | ||
Updated•14 years ago
|
OS: Mac OS X → All
Hardware: x86 → All
Summary: Client does not use hashed email addresses as the username for all requests → Do not allow email addresses as the username
Assignee | ||
Comment 3•14 years ago
|
||
Make sure the semantics of Weave.Service.checkUsername and Weave.Service.createAccount don't change when used by the old UI code (as present in current Firefox 4.0 betas).
Assignee: nobody → philipp
Attachment #475036 -
Flags: review?(mconnor)
Assignee | ||
Comment 4•14 years ago
|
||
Get rid of a dump() I accidentally left in there ;)
Attachment #475036 -
Attachment is obsolete: true
Attachment #475071 -
Flags: review?(mconnor)
Attachment #475036 -
Flags: review?(mconnor)
Updated•14 years ago
|
Attachment #475071 -
Flags: review?(mconnor) → review+
Assignee | ||
Comment 5•14 years ago
|
||
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
Updated•14 years ago
|
Status: RESOLVED → VERIFIED
Updated•14 years ago
|
Flags: in-testsuite?
Updated•6 years ago
|
Component: Firefox Sync: UI → Sync
Product: Cloud Services → Firefox
You need to log in
before you can comment on or make changes to this bug.
Description
•