[ic] Massive quantity bug with Certain chrome versions
Sam Batschelet
samb at endpoint.com
Wed Aug 17 12:38:53 UTC 2016
On 08/17/2016 08:17 AM, DB wrote:
>> This is a heads up for those running old Foundation shops, and possibly
>> others (not sure to which other demos this extends). Specific versions
>> of the Chrome browser (51.0.2704.81 and 51.0.2704.103) on seemingly all
>> platforms (confirmed Windows 10, Android and Linux) seem to have a
>> tendency to want to auto-fill in the user's zip code in the quantity0
>> field of the shopping cart on the single checkout page. This has the
>> result of customers inadvertently placing orders with five, and nine
>> digit quantities in there, resulting in attempted charges of millions of
>> dollars to their credit cards.
>>
>> The simple fix is to add autocomplete="off" to the quantity input in
>> include/checkout/shopping_cart. This should also be added to other
>> fields throughout the demo where the browser has no business trying to
>> auto-fill data.
>>
>>
>> Peter
>
>
> I have recently seen a couple failed charges for crazy-high dollar
> amounts. Thanks for reporting this!
>
I have done a fair bit of research on this and a few things to note:
* Chrome does not honor autocomplete=off on the input level.
* But.. "If we encounter an autocomplete attribute that we don't
recognize, we won't try and fill it." ie autocomplete="SkipMePlease" on
the input level.
[reference - read last entry]
https://bugs.chromium.org/p/chromium/issues/detail?id=468153
I hope this helps a few people.
--
Warm Regards,
Sam Batschelet
End Point Corporation
More information about the interchange-users
mailing list