[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-core-devel
Subject: Re: Outstanding critical issue for KDE 2.2
From: Kurt Granroth <granroth () suse ! com>
Date: 2001-08-01 22:10:40
[Download RAW message or body]
On Wednesday 01 August 2001 02:49 pm, Waldo Bastian wrote:
> > Is that perhaps overkill? From what I gather, passwords are already
> > protected, and the only other item we are concerned about is credit card
> > numbers. Well, those are relatively easy to identify: '^[0-9 -]{6,}$'
> > (this net is too large as well but I would think most other forms with
> > over 5 chars have at least one alpha character). Maybe just disable if
> > that regex matches? I think we will get 1,000,000 bug reports saying
> > "form completion does not work sometimes", and really it would not be
> > unreasonable to consider complete disabling of auto-completion based on
> > http/https a UI bug.
>
> That might work. Aren't credit card input fields sometimes split into 3
> seperate fields though? Maybe something like "don't store anything with
> more numbers than other characters". That would probably exclude dates and
> phone numbers as well though, I guess that's a small price to pay.
How about the attached patch? It looks at the to-be-stored value and if it
is all numbers or '-', it returns. If it contains anything else, we assume
it's not a cc number and store it.
--
Kurt Granroth | http://www.granroth.org
KDE Developer/Evangelist | SuSE Labs Open Source Developer
granroth@kde.org | granroth@suse.com
KDE -- Conquer Your Desktop
["khtmlview.diff" (text/x-diff)]
Index: khtmlview.cpp
===================================================================
RCS file: /home/kde/kdelibs/khtml/khtmlview.cpp,v
retrieving revision 1.397
diff -b -u -u -r1.397 khtmlview.cpp
--- khtmlview.cpp 2001/07/30 00:18:27 1.397
+++ khtmlview.cpp 2001/08/01 22:07:24
@@ -1051,6 +1051,20 @@
{
if (!m_part->settings()->isFormCompletionEnabled())
return;
+ // don't store values that are all numbers or just numbers with
+ // dashes as those are likely things like credit card numbers
+ bool cc_number(true);
+ for (int i = 0; i < value.length(); ++i)
+ {
+ QChar c(value[i]);
+ if (!c.isNumber() && c != '-')
+ {
+ cc_number = false;
+ break;
+ }
+ }
+ if (cc_number)
+ return;
QStringList items = formCompletionItems(name);
if (!items.contains(value))
items.prepend(value);
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic