Anonymous Login
  

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0000106SKGB-internneues-kennwortpublic2012-04-01 15:002014-07-20 20:51
Reporteraj 
Assigned Toaj 
PrioritynormalSeveritytweakReproducibilityalways
StatusresolvedResolutionfixed 
Projectionminor fixETA< 1 day 
PlatformThe WebOSHTTPOS Version1.1
Product Version1.1.8Product Build2012-03-31 
Target Version1.1.9Fixed in Version1.1.9 
Summary0000106: user name web form accepts uppercase chars
DescriptionThe web form for neues-kennwort accepts any string you enter and outputs an appropriate results page. While this may be nice from an information hiding point of view, it significantly reduces usability because it isn't obvious to users that <john.doe@example.org> works while <John.Doe@example.org> doesn't. If nothing else, neues-kennwort should at least lower-case the user name.
Steps To Reproduce(1) http://intern.skgb.de/neues-kennwort
(2) enter "Arne.Johannessen"
(3) submit
Additional InformationThe Account Manager may accept upper-case user names. This change would break the neues-kennwort function for users with upper-case names. In practice, however, there are no such users. Also, whether or not HTTP Authentication is implemented case-sensitively is not under our control. The current implementation is.

For both reasons it may be more appropriate to just output a harsh warning in case any upper-case characters are entered.
TagsNo tags attached.
Attached Files

-Relationships
+Relationships

-Notes

~0004891

aj (manager)

2012-04-01 15:43

 Added some new "smart" error messages: If uppercase characters or the suffix @skgb.de are detected, the respective hints are highlighted. The highlight's graphics may be a bit over the top, but OTOH they do need to stand out.

The hints are always highlighted if they apply, even if the entered user name doesn't exist. For example, "John.Doe@skgb.de" will highlight both hints.
+Notes