Bug: Credit card verification number not filled

jaingaurav2

Hi I believe I've found a site where 1Password (v3.2.1) would not fill the credit card CCV. It seems that the form field matching algorithm is not identifying the following field:



<input type="text" name="cardVerCode" classname="TEXTFIELD" size="5" maxlength="4" title="Card Verification Code" autocomplete="off" value="">



I downloaded the page and changed the field name to CCV and then the verification code was filled correctly. There are a number of fields that 1Password could have keyed off to properly identify the verification code field:



1. name="cardVerCode"

2. title="Card Verification Code"

3. maxlength="4" - Since the verification code is usually no longer than 4 characters, this could have been used. Of course caution would have to be taken that this does not get confused with digits of the credit card number.



Hope this gets fixed soon. I'm totally helpless without my 1Password!

Nik

Thanks, Gaurav. We have a number of things to do to improve our identity and credit card information filling function, and form filling in general. We look forward to making 1Password more intelligent about deciding which information goes where.

jaingaurav2

Thanks for looking into this. I had previously filed a bug with thread: [url]http://support.agilewebsolutions.com/showthread.php?17383-Bug-Verification-Number-not-filled-in-form[/url], and I was happy to see that it had been fixed.



I just hit another case where the verification number was not filled:



<input type="text" name="creditCardCVV_1" maxlength="20" SIZE="20" value="">



On the sam form the expiration date was not filled either. The form input field had this format:



<input type="text" name="creditCardExpiryDate_1" maxlength="4" SIZE="4" value=""> (mmyy)



Note that with the expiry data had a single field form the month and year and the text beside it specified the format.

MartyS

[quote name='jaingaurav2']Thanks for looking into this. I had previously filed a bug with thread: [url]http://support.agilewebsolutions.com/showthread.php?17383-Bug-Verification-Number-not-filled-in-form[/url], and I was happy to see that it had been fixed.



I just hit another case where the verification number was not filled:



<input type="text" name="creditCardCVV_1" maxlength="20" SIZE="20" value="">



On the sam form the expiration date was not filled either. The form input field had this format:



<input type="text" name="creditCardExpiryDate_1" maxlength="4" SIZE="4" value=""> (mmyy)



Note that with the expiry data had a single field form the month and year and the text beside it specified the format.[/QUOTE]



Thank you for the additional examples. As Gita mentioned, we have some work still in front of us.

jaingaurav2

Should I continue to report other examples on this thread? Is it helpful? Or should I wait for an updated version of 1Password?



Would it be able to add support for these specific field names in the short term?

MartyS

[quote name='jaingaurav2']Should I continue to report other examples on this thread? Is it helpful? Or should I wait for an updated version of 1Password?



Would it be able to add support for these specific field names in the short term?[/QUOTE]



I do appreciate your willingness to report additional Credit Card fill "failures" to us. We generally know what the problem areas are: we just need to get in there and tug at some very sensitive code and more than likely rewrite it. Adding other field names to the mix would tend to help only a very few sites (sometimes only one) and isn't the approach that we'll be taking even for the short term. It might even cause something else to break down in the process.