Last modified: 2014-06-18 22:42:20 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T66409, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 64409 - Mobile Apps: Trying to create a username with a hash in should present the user with an error
Mobile Apps: Trying to create a username with a hash in should present the us...
Status: RESOLVED FIXED
Product: Wikipedia App
Classification: Unclassified
Generic (Other open bugs)
Android (alpha)
All All
: Unprioritized normal
: ---
Assigned To: Nobody - You can work on this!
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2014-04-24 23:22 UTC by Liangent
Modified: 2014-06-18 22:42 UTC (History)
2 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Liangent 2014-04-24 23:22:06 UTC 
Afterwards it trys to autologin using the username with hash then fails.
Comment 1 Gerrit Notification Bot 2014-04-24 23:57:12 UTC 
Change 129618 had a related patch set uploaded by Yuvipanda:
Use username returned from create account API call

https://gerrit.wikimedia.org/r/129618
Comment 2 Gerrit Notification Bot 2014-04-25 02:01:42 UTC 
Change 129618 merged by Dbrant:
Use username returned from create account API call

https://gerrit.wikimedia.org/r/129618
Comment 3 Liangent 2014-04-25 11:22:22 UTC 
I'm not sure whether it's good to truncate their user name silently, but it's the behavior on desktop too...
Comment 4 Dan Garry 2014-05-06 17:39:24 UTC 
We've got three totally different behaviours on four platforms here:

1) Desktop: Refuses to create username because it has a hash in it.
2) iOS: Lets you create the username, but silently truncates everything including and after the hash, then fails to log you in saying that you provided an illegal username.
3) Android and Mobile Web: Lets your create the username, but silently truncates everything including and after the hash, then logs you in successfully to the truncated username.

If desktop doesn't let you create these usernames then neither should any of our mobile platforms.

I'm unclear what the correct engineering solution is though. Do we change the API used to create accounts to error if you try to include hashes (instead of silently truncating and creating), or do we just include client-side validation?
Comment 5 Liangent 2014-05-06 17:50:46 UTC 
(In reply to Dan Garry from comment #4)
> 1) Desktop: Refuses to create username because it has a hash in it.

On desktop an error (or better to say, warning :p as it's ignorable) is shown, but you can ignore the error and go on to create the account, and the rest is the same as Android.
Comment 6 Liangent 2014-05-06 17:52:35 UTC 
and the error / warning is only applicable to users with JavaScript enabled.
Comment 7 Dan Garry 2014-05-06 18:11:53 UTC 
Bug filed in Core for this: bug 64960.
Comment 8 Yuvi Panda 2014-05-18 14:29:07 UTC 
The Upstream bug has been fixed, let me test locally and see if it is ok on the app.
Comment 9 Dan Garry 2014-06-18 22:42:20 UTC 
This bug is fixed now.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links