Bug 188285 - "Form autocomplete should not store credit card numbers" [r=dolske]

2010-01-31 06:25:00 +13:00 · 2010-01-31 06:25:00 +13:00 · 7597596d74
--- a/toolkit/components/satchel/src/nsStorageFormHistory.cpp
+++ b/toolkit/components/satchel/src/nsStorageFormHistory.cpp
@ -436,6 +436,10 @@ nsFormHistory::Notify(nsIDOMHTMLFormElement* formElt, nsIDOMWindowInternal* aWin
          if (value.Equals(defaultValue))
            continue;

+          // We do not want to store credit card numbers (bug #188285)
+          if (IsValidCCNumber(value))
+            continue;
+
          nsAutoString name;
          inputElt->GetName(name);
          if (name.IsEmpty())
@ -457,6 +461,33 @@ nsFormHistory::Notify(nsIDOMHTMLFormElement* formElt, nsIDOMWindowInternal* aWin
  return transaction.Commit();
 }

+// Implements the Luhn checksum algorithm as described at
+// http://wikipedia.org/wiki/Luhn_algorithm
+bool
+nsFormHistory::IsValidCCNumber(const nsAString &aString)
+{
+  nsAutoString ccNumber(aString);
+  ccNumber.StripChars("-");
+  ccNumber.StripWhitespace();
+  
+  PRUint32 length = ccNumber.Length();
+  if (length != 9 && length != 15 && length != 16)
+    return false;
+  
+  PRUint32 total = 0;
+  for (PRUint32 i = 0; i < length; i++) {
+    PRUnichar ch = ccNumber[length - i - 1];
+    if (ch < '0' || ch > '9')
+      return false;
+    ch -= '0';
+    if (i % 2 == 0)
+      total += ch;
+    else
+      total += (ch * 2 / 10) + (ch * 2 % 10);
+  }
+  return total % 10 == 0;
+}
+
 nsresult
 nsFormHistory::ExpireOldEntries()
 {
--- a/toolkit/components/satchel/src/nsStorageFormHistory.h
+++ b/toolkit/components/satchel/src/nsStorageFormHistory.h
@ -94,6 +94,7 @@ public:

 private:
  ~nsFormHistory();
+  bool IsValidCCNumber(const nsAString &aString);

 protected:
  // Database I/O
--- a/toolkit/components/satchel/test/test_form_submission.html
+++ b/toolkit/components/satchel/test/test_form_submission.html
@ -96,6 +96,53 @@
    <button type="submit">Submit</button>
  </form>

+  <!-- input with sensitive data (16 digit credit card number) -->
+  <form id="form15" onsubmit="return checkSubmit(15)">
+    <script type="text/javascript">
+      var form = document.getElementById('form15');
+      for (var i = 0; i != 10; i++)
+      {
+        var input = document.createElement('input');
+        input.type = 'text';
+        input.name = 'test' + (i + 1);
+        form.appendChild(input);
+      }
+    </script>
+    <button type="submit">Submit</button>
+  </form>
+
+  <!-- input with sensitive data (15 digit credit card number) -->
+  <form id="form16" onsubmit="return checkSubmit(16)">
+    <script type="text/javascript">
+      var form = document.getElementById('form16');
+      for (var i = 0; i != 10; i++)
+      {
+        var input = document.createElement('input');
+        input.type = 'text';
+        input.name = 'test' + (i + 1);
+        form.appendChild(input);
+      }
+    </script>
+    <button type="submit">Submit</button>
+  </form>
+
+  <!-- input with sensitive data (9 digit credit card number) -->
+  <form id="form17" onsubmit="return checkSubmit(17)">
+    <input type="text" name="test1">
+    <button type="submit">Submit</button>
+  </form>
+
+  <!-- input with sensitive data (16 digit hyphenated credit card number) -->
+  <form id="form18" onsubmit="return checkSubmit(18)">
+    <input type="text" name="test1">
+    <button type="submit">Submit</button>
+  </form>
+
+  <!-- input with sensitive data (15 digit whitespace-separated credit card number) -->
+  <form id="form19" onsubmit="return checkSubmit(19)">
+    <input type="text" name="test1">
+    <button type="submit">Submit</button>
+  </form>

  <!-- ===== Things that should be saved ===== -->

@ -130,12 +177,82 @@
    <button type="submit">Submit</button>
  </form>

+  <!-- input that looks like sensitive data but doesn't
+       satisfy the requirements (incorrect length) -->
+  <form id="form106" onsubmit="return checkSubmit(106)">
+    <input type="text" name="test6">
+    <button type="submit">Submit</button>
+  </form>
+
+  <!-- input that looks like sensitive data but doesn't
+       satisfy the requirements (Luhn check fails for 16 chars) -->
+  <form id="form107" onsubmit="return checkSubmit(107)">
+    <script type="text/javascript">
+      var form = document.getElementById('form107');
+      for (var i = 0; i != 10; i++)
+      {
+        var input = document.createElement('input');
+        input.type = 'text';
+        input.name = 'test7_' + (i + 1);
+        form.appendChild(input);
+      }
+    </script>
+    <button type="submit">Submit</button>
+  </form>
+
+  <!-- input that looks like sensitive data but doesn't
+       satisfy the requirements (Luhn check fails for 15 chars) -->
+  <form id="form108" onsubmit="return checkSubmit(108)">
+    <script type="text/javascript">
+      var form = document.getElementById('form108');
+      for (var i = 0; i != 10; i++)
+      {
+        var input = document.createElement('input');
+        input.type = 'text';
+        input.name = 'test8_' + (i + 1);
+        form.appendChild(input);
+      }
+    </script>
+    <button type="submit">Submit</button>
+  </form>
+
 </div>
 <pre id="test">
 <script class="testbody" type="text/javascript">

 var numSubmittedForms = 0;

+var ccNumbers = {
+  valid15: [
+    "930771457288760", "474915027480942",
+    "924894781317325", "714816113937185",
+    "790466087343106", "474320195408363",
+    "219211148122351", "633038472250799",
+    "354236732906484", "095347810189325",
+  ],
+  valid16: [
+    "3091269135815020", "5471839082338112",
+    "0580828863575793", "5015290610002932",
+    "9465714503078607", "4302068493801686",
+    "2721398408985465", "6160334316984331",
+    "8643619970075142", "0218246069710785"
+  ],
+  invalid15: [
+    "526931005800649", "724952425140686",
+    "379761391174135", "030551436468583",
+    "947377014076746", "254848023655752",
+    "226871580283345", "708025346034339",
+    "917585839076788", "918632588027666"
+  ],
+  invalid16: [
+    "9946177098017064", "4081194386488872",
+    "3095975979578034", "3662215692222536",
+    "6723210018630429", "4411962856225025",
+    "8276996369036686", "4449796938248871",
+    "3350852696538147", "5011802870046957"
+  ],
+};
+
 function startTest() {
  netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
  ok(!fh.hasEntries, "checking for initially empty storage");
@ -162,11 +279,35 @@ function startTest() {
  $_(14, "test1").type  = "password";
  $_(14, "test1").value = "dontSaveThis";

+  var testData = ccNumbers.valid16;
+  for (var i = 0; i != testData.length; i++) {
+    $_(15, "test" + (i + 1)).value = testData[i];
+  }
+
+  testData = ccNumbers.valid15;
+  for (var i = 0; i != testData.length; i++) {
+    $_(16, "test" + (i + 1)).value = testData[i];
+  }
+  $_(17, "test1").value = "001064088";
+  $_(18, "test1").value = "0000-0000-0080-4609";
+  $_(19, "test1").value = "0000 0000 0222 331";
+
  $_(101, "test1").value = "savedValue";
  $_(102, "test2").value = "savedValue";
  $_(103, "test3").value = "savedValue";
  $_(104, "test4").value = " trimTrailingAndLeadingSpace ";
  $_(105, "test5").value = "\t trimTrailingAndLeadingWhitespace\t ";
+  $_(106, "test6").value = "00000000109181";
+
+  var testData = ccNumbers.invalid16;
+  for (var i = 0; i != testData.length; i++) {
+    $_(107, "test7_" + (i + 1)).value = testData[i];
+  }
+
+  var testData = ccNumbers.invalid15;
+  for (var i = 0; i != testData.length; i++) {
+    $_(108, "test8_" + (i + 1)).value = testData[i];
+  }

  // submit the first form.
  var button = getFormSubmitButton(1);
@ -184,7 +325,7 @@ function checkSubmit(formNum) {
  
  // Check for expected storage state.
  switch (formNum) {
-    // Test 1-12 should not save anything.
+    // Test 1-19 should not save anything.
    case 1:
    case 2:
    case 3:
@ -199,6 +340,11 @@ function checkSubmit(formNum) {
    case 12:
    case 13:
    case 14:
+    case 15:
+    case 16:
+    case 17:
+    case 18:
+    case 19:
        ok(!fh.hasEntries, "checking for empty storage");
        break;
    // The other tests do save data...
@ -217,6 +363,19 @@ function checkSubmit(formNum) {
    case 105:
        ok(fh.entryExists("test5", "trimTrailingAndLeadingWhitespace"), "checking saved value is trimmed on both sides");
        break;
+    case 106:
+        ok(fh.entryExists("test6", "00000000109181"), "checking saved value");
+        break;
+    case 107:
+        for (var i = 0; i != ccNumbers.invalid16.length; i++) {
+          ok(fh.entryExists("test7_" + (i + 1), ccNumbers.invalid16[i]), "checking saved value");
+        }
+        break;
+    case 108:
+        for (var i = 0; i != ccNumbers.invalid15.length; i++) {
+          ok(fh.entryExists("test8_" + (i + 1), ccNumbers.invalid15[i]), "checking saved value");
+        }
+        break;
    default:
        ok(false, "Unexpected form submission");
        break;
@ -230,14 +389,14 @@ function checkSubmit(formNum) {
      prefBranch.clearUserPref("signon.rememberSignons");

  // End the test at the last form.
-  if (formNum == 105) {
-    is(numSubmittedForms, 19, "Ensuring all forms were submitted.");
+  if (formNum == 108) {
+    is(numSubmittedForms, 27, "Ensuring all forms were submitted.");
    SimpleTest.finish();
    return false; // return false to cancel current form submission
  }

  // submit the next form.
-  var button = getFormSubmitButton(formNum == 14 ? 101 : (formNum + 1));
+  var button = getFormSubmitButton(formNum == 19 ? 101 : (formNum + 1));
  button.click();

  return false; // cancel current form submission