Page MenuHomePhabricator

Fix email address validation on donation form to allow yahoo.ca addresses
Closed, ResolvedPublic2 Story Points

Description

Another address validation error like T148748: Fix email address validation on donation form to allow .fr addresses. I replicated this with the donor's yahoo.ca email address, but a test @wikimedia.ca address didn't get the autocorrect suggestion.

Details

Related Gerrit Patches:
mediawiki/extensions/DonationInterface : masterAdd a dismiss button to mailcheck suggestion
mediawiki/extensions/DonationInterface : masterFit mailcheck domain list to our donor population
mediawiki/extensions/DonationInterface : masterMake mailcheck more conservative
mediawiki/extensions/DonationInterface : masterMake mailcheck suggestions more subtle

Event Timeline

MBeat33 created this task.Oct 24 2016, 2:33 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptOct 24 2016, 2:33 PM
MBeat33 triaged this task as Unbreak Now! priority.Oct 24 2016, 2:33 PM
Restricted Application added subscribers: Jay8g, Luke081515, TerraCodes. · View Herald TranscriptOct 24 2016, 2:33 PM
Ejegg added a comment.Oct 24 2016, 4:15 PM

Maybe we can make it more clear that this is just a suggestion? I could change the color to black instead of red, and add a prominent 'X' button to dismiss the suggestion.

Ejegg added a comment.Oct 24 2016, 4:41 PM

Anyway, let's decide on a good cutoff for the list of suggested domains. If I look at the top 50 donor domains (yahoo.ca is around #40), that gets us down to domains with 11,500 donors. Top 75 - 7,500 donors. Top 100 is domains with >= 5,000 donors. 150 gets us to domains with 2,800 donors, and we probably don't want to bloat our javascript too far.

Ejegg added a comment.Oct 24 2016, 4:45 PM

Side note: we missed some '.con' domains in our last typo cleanup:

numdomain
1009gmail.con
250hotmail.con
271yahoo.con

I'll fix those.

Ejegg added a comment.Oct 24 2016, 4:49 PM

Fr-tech, want to proofread?

UPDATE civicm_email 
SET email = REPLACE( email, 'gmail.con', 'gmail.com' )
WHERE email LIKE '%gmail.con';

UPDATE civicm_email
SET email = REPLACE( email, 'yahoo.con', 'yahoo.com' )
WHERE email LIKE '%yahoo.con';

UPDATE civicm_email
SET email = REPLACE( email, 'hotmail.con', 'hotmail.com' )
WHERE email LIKE '%hotmail.con';

Change 317581 had a related patch set uploaded (by Ejegg):
Make mailcheck suggestions more subtle

https://gerrit.wikimedia.org/r/317581

@Ejegg and I talked about this and the first step we can take is changing the font to grey and matching the size of text in the fields.

This should make it look less like an critical error and more like a suggestion. It looks like @Ejegg already committed something against this task.

DStrine lowered the priority of this task from Unbreak Now! to High.Oct 24 2016, 9:21 PM

I think it'll make a big difference to tailor the list to our donors.

But including the list of our top 100 email domains in the source code is a making a little bit of aggregate donor data public. Does that seem like a concern?

Change 317726 had a related patch set uploaded (by Ejegg):
Make mailcheck more conservative

https://gerrit.wikimedia.org/r/317726

Ejegg claimed this task.Oct 24 2016, 11:51 PM
Ejegg set the point value for this task to 2.
Ejegg moved this task from Backlog to Review on the Fundraising Sprint Testing on Production board.
MBeat33 added a comment.EditedOct 25 2016, 6:34 PM

We got ticket #250398 today from a donor confused that the form suggested an alt for their
@yahoo.com.au address, for which the form suggested Did you mean @yahoo.com.ar?

I know we're suggesting alternates for valid email domains in the interest of the integrity of our data, and thus of our relationships with donors, but at least some of the donors receiving these suggestions interpret them as meaning their valid addresses will not work. The ones that do not contact us likely do not donate.

As much as possible I would like to balance the experience of these donors and the workload it generates for Donor Services with the data quality goal. We'll create messaging to explain the behavior of the form to these donors, but it would be helpful to have access to the list of domains for which suggestions will be offered. If we see a lot of these tickets during Big EN, I will suggest reducing the level of suggestions the form offers.

Also, if it's possible to track the clickthrough rates of donors who receive suggestions, that would be really helpful in assessing the situation.

Change 317864 had a related patch set uploaded (by Ejegg):
Add a dismiss button to mailcheck suggestion

https://gerrit.wikimedia.org/r/317864

Change 317581 merged by jenkins-bot:
Make mailcheck suggestions more subtle

https://gerrit.wikimedia.org/r/317581

Change 317726 merged by jenkins-bot:
Make mailcheck more conservative

https://gerrit.wikimedia.org/r/317726

OK, we just deployed a couple of changes to mitigate donor distress. The suggestion is now in a much more muted color so it doesn't look like our validation error messages. It should also be matching more narrowly, so things that aren't really close to entries on the list are left alone.

Cool, thank you @Ejegg

The donor comment from #253366 shows the extent of the confusion about the security and functioning of our donation form that these suggestions for valid domains can cause:

"as I was completing the payment information, the page asked me if my email address should actually be --------@------.mx. That was never my email address and I'm wondering where that came from. Is somebody in Mexico using my information, or is this a glitch in the system? The email address you have is the only one I have used for 20 years, and I have never had "mx" as part of it. Please let me know why this question showed up on your payment form."

We are following up with these donors case by case, but I think we should review this at some point in the future.

Change 319234 had a related patch set uploaded (by Ejegg):
Fit mailcheck domain list to our donor population

https://gerrit.wikimedia.org/r/319234

Change 319234 merged by jenkins-bot:
Fit mailcheck domain list to our donor population

https://gerrit.wikimedia.org/r/319234

Ejegg closed this task as Resolved.Nov 2 2016, 8:12 PM

OK, we've added the top ~100 domains from our db to the suggestion list, including yahoo.ca

Change 317864 merged by jenkins-bot:
Add a dismiss button to mailcheck suggestion

https://gerrit.wikimedia.org/r/317864