View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0005560||OXID eShop (all versions)||2.3. Extensions (modules, themes)||public||2013-12-06 12:52||2015-02-25 18:08|
|Priority||low||Severity||feature||Reproducibility||have not tried|
|Target Version||Fixed in Version|
|Summary||0005560: API data must not contain blanks|
|Description||I am not sure whether this is a bug or a feature request:|
Users usually do copy & paste to insert their API data in the module's settings tab. It seems that there is no check of the inserted data performed.
Now with copy & paste e.g. from html-pages it happens very often that you also copy some (hidden?) blank spaces at the beginning or at the end e.g. of the signature. Now if you try to do a checkout with PayPal it will throw this error message as a response: "Security header is not valid" meaning your API data is incorrect.
If you check the data now in the input field of the module's settings you cannot see the additional blank spaces easily. Using the PayPal log you can see it, but that would not be necessary if the module would do a simple trim() on these config values, e.g. at this place:
What do you think?
|Tags||No tags attached.|
I would see this as a feature, because it "sanitizes" the mistake from the shop-admin.
But modules should do their best to help users, so i totally agree to use trim() here.
Since 5.2.0 / 4.9.0 (using PayPal module version 3.2.0) this issue might be even more difficult to debug: http://wiki.oxidforge.org/Downloads/4.9.0_5.2.0#Password_field_added_to_modules_metadata