Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Model eligibility verification form field validation #208

Closed
2 tasks done
Tracked by #317
thekaveman opened this issue Nov 18, 2021 · 0 comments · Fixed by #329
Closed
2 tasks done
Tracked by #317

Model eligibility verification form field validation #208

thekaveman opened this issue Nov 18, 2021 · 0 comments · Fixed by #329
Assignees
@thekaveman
Labels
back-end Django views, sessions, middleware, models, migrations etc. security Changes to improve or maintain the availability and resilience of the app
Milestone
Courtesy Cards

Comments

@thekaveman
Copy link
Member

thekaveman commented Nov 18, 2021
edited
Loading

Our current practice has been to offload input validation to the Eligibility Server, since we're simply a pass-through for rules and data defined there.

However this creates at least a couple potential issues:

  • The user must submit their information before they know if it's formatted incorrectly, vs. immediate in-browser feedback
  • The fields allow for any size and type of value, a potential DDoS vector

Given we will have more than one EligibilityVerifier in the next phase, each with unique form validation needs and UX considerations, now is the time to implement Eligibility verification form field validation.

Tasks

  • Add a TextField or similar to the EligibilityVerifier model that captures a regex pattern that can be used to validate the sub field in the eligibility verification form.
  • Add a PositiveIntegerField or similar to the EligibilityVerifier model that captures the maximum allowed length for the name field in the form.
@thekaveman thekaveman added this to the Courtesy Cards milestone Jan 6, 2022
@thekaveman thekaveman moved this to Backlog in Digital Services Jan 21, 2022
@thekaveman thekaveman mentioned this issue Mar 15, 2022
Closed
19 tasks
@thekaveman thekaveman changed the title Investigate form field validation for user input Implement form field validation for user input Mar 15, 2022
@thekaveman thekaveman moved this from Backlog to This Sprint in Digital Services Mar 15, 2022
@thekaveman thekaveman changed the title Implement form field validation for user input Model eligibility verification form field validation Mar 16, 2022
@thekaveman thekaveman mentioned this issue Mar 16, 2022
Closed
5 tasks
@thekaveman thekaveman self-assigned this Mar 16, 2022
@thekaveman thekaveman moved this from This Sprint to In Progress in Digital Services Mar 17, 2022
@thekaveman thekaveman mentioned this issue Mar 17, 2022
Merged
@thekaveman thekaveman moved this from In Progress to PR Open in Digital Services Mar 17, 2022
Repository owner moved this from PR Open to Done in Digital Services Mar 17, 2022
@thekaveman thekaveman added security Changes to improve or maintain the availability and resilience of the app models labels Apr 29, 2022
@thekaveman thekaveman added back-end Django views, sessions, middleware, models, migrations etc. and removed models labels Jun 16, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@thekaveman thekaveman

Labels
back-end Django views, sessions, middleware, models, migrations etc. security Changes to improve or maintain the availability and resilience of the app
Projects
Digital Services
Archived in project
Milestone
Courtesy Cards
Development

Successfully merging a pull request may close this issue.

Feat: Add validation fields to verifier model cal-itp/benefits
1 participant
@thekaveman