Closed
Bug 864840
Opened 11 years ago
Closed 11 years ago
Purchase on wifi fails with 400 bad request
Categories
(Marketplace Graveyard :: Payments/Refunds, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
2013-04-25
People
(Reporter: krupa.mozbugs, Assigned: keir)
References
Details
Attachments
(1 file)
320.39 KB,
text/plain
|
Details |
country: Spain steps to reproduce: 1. Make sure you have logged out of marketplace stage 2. Start app purchase 3. Sign in as a new user 4. Create PIN expected behavior: Confirm your mobile number screen loads observed behavior: Blank screen loads due to 400 Bad request Starting: 47ebeef0 I/PRLog ( 108): 2013-04-23 16:25:18.848996 UTC - 1074783480[40404160]: http request [ I/PRLog ( 108): 2013-04-23 16:25:18.850064 UTC - 1074783480[40404160]: GET /mobileid/v1/owd01?x-ob=21407&Bango=1113330000000373796&BID=19335&BIDT=9908cd3c-8d9d-4ceb-aff7-ed13a9508d2c HTTP/1.1 I/PRLog ( 108): 2013-04-23 16:25:18.850552 UTC - 1074783480[40404160]: Host: partners-api.bluevia.com I/PRLog ( 108): 2013-04-23 16:25:18.850949 UTC - 1074783480[40404160]: User-Agent: Mozilla/5.0 (Mobile; rv:18.0) Gecko/18.0 Firefox/18.0 I/PRLog ( 108): 2013-04-23 16:25:18.851010 UTC - 1074783480[40404160]: Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 I/PRLog ( 108): 2013-04-23 16:25:18.851041 UTC - 1074783480[40404160]: Accept-Language: en-US,en;q=0.5 I/PRLog ( 108): 2013-04-23 16:25:18.851102 UTC - 1074783480[40404160]: Accept-Encoding: gzip, deflate I/PRLog ( 108): 2013-04-23 16:25:18.851132 UTC - 1074783480[40404160]: Connection: keep-alive I/PRLog ( 108): 2013-04-23 16:25:18.851193 UTC - 1074783480[40404160]: ] I/PRLog ( 108): 2013-04-23 16:25:19.175870 UTC - 12726720[40404470]: nsHttpTransaction::HandleContentStart [this=47ebeef0] Duration: 0.327 47ebeef0 (partners-api.bluevia.com -> GET /mobileid/v1/owd01?x-ob=21407&Bango=1113330000000373796&BID=19335&BIDT=9908cd3c-8d9d-4ceb-aff7-ed13a9508d2c) I/PRLog ( 108): 2013-04-23 16:25:19.176602 UTC - 12726720[40404470]: http response [ I/PRLog ( 108): 2013-04-23 16:25:19.176724 UTC - 12726720[40404470]: HTTP/1.1 400 Bad Request I/PRLog ( 108): 2013-04-23 16:25:19.176755 UTC - 12726720[40404470]: Connection: close I/PRLog ( 108): 2013-04-23 16:25:19.176816 UTC - 12726720[40404470]: Content-Length: 0 I/PRLog ( 108): 2013-04-23 16:25:19.176846 UTC - 12726720[40404470]: ]
Assignee | ||
Comment 1•11 years ago
|
||
The 400 comes from here : (partners-api.bluevia.com -> GET /mobileid/v1/owd01?x-ob=21407&Bango=1113330000000373796&BID=19335&BIDT=9908cd3c-8d9d-4ceb-aff7-ed13a9508d2c) Can telefonica investigate?
Reporter | ||
Updated•11 years ago
|
Severity: normal → blocker
Priority: -- → P1
Updated•11 years ago
|
Assignee: keir → jorgev
Severity: blocker → normal
Priority: P1 → --
Comment 2•11 years ago
|
||
Hi, would it be possible to have the IP of the device originating the request? This 400 Bad Request can only happen when the IP is not recognized as a valid IP and it is considered an attack in the firewall. Jorge
Comment 3•11 years ago
|
||
Reproduciong the issue: mobile id is being called through wifi. IP = 213.0.81.93 is not in the mobile data network list. Request from Bango to Mobile ID: GET /mobileid/v1/owd01?x-ob=21407&Bango=1113330000000373796&BID=19395&BIDT=e7315197-aae9-4858-8359-48da3f4c4034 HTTP/1.1 Host: partners-api.bluevia.com User-Agent: Mozilla/5.0 (Mobile; rv:18.0) Gecko/18.0 Firefox/18.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive X-Forwarded-For: 213.0.81.93 BlueVia is answering: HTTP/1.1 400 Bad Request Connection: close Content-Length: 0 Two options here: 1) Bango to not call mobile id when the request is not originated by the device in the mobile data network and use fallback SMS identification 2) Bango to be able to manage HTTP 400 responses and go to the fallback SMS identification. Best JORGE
Updated•11 years ago
|
Assignee: jorgev → keir
Comment 4•11 years ago
|
||
(In reply to Jorge Villa from comment #3) > 1) Bango to not call mobile id when the request is not originated by the > device in the mobile data network and use fallback SMS identification This requires permissions to use the mobile connection API which we won't have on device for v1 (https://wiki.mozilla.org/WebAPI/WebMobileConnection) > 2) Bango to be able to manage HTTP 400 responses and go to the fallback SMS > identification. This may be a safer approach compared to IP whitelisting since IPs can change.
Assignee | ||
Comment 5•11 years ago
|
||
Bango payment integration engineers have found the cause of this issue and fixed it.
Updated•11 years ago
|
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Target Milestone: --- → 2013-04-25
You need to log in
before you can comment on or make changes to this bug.
Description
•