Closed Bug 952278 Opened 11 years ago Closed 11 years ago

Password validation only checks for instance of "@"

Categories

(Cloud Services :: Server: Firefox Accounts, defect)

x86
macOS
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: pdehaan, Unassigned)

References

Details

(Whiteboard: [qa+])

Steps to reproduce: 1. goto about:accounts 2. enter email "peter@". 3. enter two matching passwords: "12345678" (can be anything, just needs to be 8 characters to pass validation). 4. click 'Create Account' button. Actual results: Odd empty error message at top of dialog. Expected results: Email validation should check for a more accurate email address instead of just an appearance from "@" character.
I think the JSON returned from the server is: ``` { code: 400, error: "Bad Request", message: "the value of email must match the RegExp /^(?:[a-fA-F0-9]{2})+40(?:[a-fA_F0-9]{2})+$/", validation: { source: "payload", keys: ["email"] }, errno: 999 } ```
This is deliberate and temporary on the server side. We currently receive the email as a hex-encoded string which makes plugging in full email-address validation a bit more complex. Since the updated auth protocol will send the email in plaintext, we decided not to waste time implementing the more complex version. Server tracking issue: https://github.com/mozilla/fxa-auth-server/issues/402 The client could potentially do its use sanity-checking of the address before sending to the server.
Assignee: rfkelly → nobody
No longer depends on: 951296
Email validation is better on the client side now and shows a tooltip when the email is invalid. I'm closing this because it does something better than looking for "@".
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.