Closed Bug 952278 Opened 9 years ago Closed 9 years ago

Password validation only checks for instance of "@"

Categories

(Cloud Services :: Server: Firefox Accounts, defect)

x86
macOS
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: pdehaan, Unassigned)

References

Details

(Whiteboard: [qa+])

Steps to reproduce:
1. goto about:accounts
2. enter email "peter@".
3. enter two matching passwords: "12345678" (can be anything, just needs to be 8 characters to pass validation).
4. click 'Create Account' button.


Actual results:
Odd empty error message at top of dialog.


Expected results:
Email validation should check for a more accurate email address instead of just an appearance from "@" character.
I think the JSON returned from the server is:
```
{
  code: 400,
  error: "Bad Request",
  message: "the value of email must match the RegExp /^(?:[a-fA-F0-9]{2})+40(?:[a-fA_F0-9]{2})+$/",
  validation: {
    source: "payload",
    keys: ["email"]
  },
  errno: 999
}
```
This is deliberate and temporary on the server side.  We currently receive the email as a hex-encoded string which makes plugging in full email-address validation a bit more complex.  Since the updated auth protocol will send the email in plaintext, we decided not to waste time implementing the more complex version.  Server tracking issue: https://github.com/mozilla/fxa-auth-server/issues/402

The client could potentially do its use sanity-checking of the address before sending to the server.
Assignee: rfkelly → nobody
No longer depends on: 951296
Email validation is better on the client side now and shows a tooltip when the email is invalid. I'm closing this because it does something better than looking for "@".
Status: NEW → RESOLVED
Closed: 9 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.