Another address validation error like T148748: Fix email address validation on donation form to allow .fr addresses. I replicated this with the donor's yahoo.ca email address, but a test @wikimedia.ca address didn't get the autocorrect suggestion.
Fr-tech, want to proofread?
UPDATE civicm_email SET email = REPLACE( email, 'gmail.con', 'gmail.com' ) WHERE email LIKE '%gmail.con'; UPDATE civicm_email SET email = REPLACE( email, 'yahoo.con', 'yahoo.com' ) WHERE email LIKE '%yahoo.con'; UPDATE civicm_email SET email = REPLACE( email, 'hotmail.con', 'hotmail.com' ) WHERE email LIKE '%hotmail.con';
I think it'll make a big difference to tailor the list to our donors.
But including the list of our top 100 email domains in the source code is a making a little bit of aggregate donor data public. Does that seem like a concern?
We got ticket #250398 today from a donor confused that the form suggested an alt for their
@yahoo.com.au address, for which the form suggested Did you mean @yahoo.com.ar?
I know we're suggesting alternates for valid email domains in the interest of the integrity of our data, and thus of our relationships with donors, but at least some of the donors receiving these suggestions interpret them as meaning their valid addresses will not work. The ones that do not contact us likely do not donate.
As much as possible I would like to balance the experience of these donors and the workload it generates for Donor Services with the data quality goal. We'll create messaging to explain the behavior of the form to these donors, but it would be helpful to have access to the list of domains for which suggestions will be offered. If we see a lot of these tickets during Big EN, I will suggest reducing the level of suggestions the form offers.
Also, if it's possible to track the clickthrough rates of donors who receive suggestions, that would be really helpful in assessing the situation.
OK, we just deployed a couple of changes to mitigate donor distress. The suggestion is now in a much more muted color so it doesn't look like our validation error messages. It should also be matching more narrowly, so things that aren't really close to entries on the list are left alone.
The donor comment from #253366 shows the extent of the confusion about the security and functioning of our donation form that these suggestions for valid domains can cause:
"as I was completing the payment information, the page asked me if my email address should actually be --------@------.mx. That was never my email address and I'm wondering where that came from. Is somebody in Mexico using my information, or is this a glitch in the system? The email address you have is the only one I have used for 20 years, and I have never had "mx" as part of it. Please let me know why this question showed up on your payment form."
We are following up with these donors case by case, but I think we should review this at some point in the future.