Skip to content

Commit 7eab997

Browse files
author
hwyu@adobe.com
committed
MC-40818: Disable clipboard for cc inputs
- Disabled clipboard access on cc number and cvv inputs on templates
1 parent c1025c0 commit 7eab997

File tree

8 files changed

+97
-20
lines changed

8 files changed

+97
-20
lines changed

app/code/Magento/Authorizenet/view/adminhtml/templates/directpost/info.phtml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -57,6 +57,9 @@ $ccExpYear = $block->getInfoData('cc_exp_year');
5757
<div class="admin__field-control">
5858
<input type="text" id="<?= /* @noEscape */ $code ?>_cc_number"
5959
name="payment[cc_number]"
60+
oncopy="return false;"
61+
oncut="return false;"
62+
onpaste="return false;"
6063
data-validate="{
6164
'required-number':true,
6265
'validate-cc-number':'#<?= /* @noEscape */ $code ?>_cc_type',
@@ -113,6 +116,9 @@ $ccExpYear = $block->getInfoData('cc_exp_year');
113116
<div class="admin__field-control">
114117
<input type="text"
115118
data-container="<?= /* @noEscape */ $code ?>-cc-cvv"
119+
oncopy="return false;"
120+
oncut="return false;"
121+
onpaste="return false;"
116122
title="<?= $block->escapeHtmlAttr(__('Card Verification Number')) ?>"
117123
class="admin__control-text cvv"
118124
id="<?= /* @noEscape */ $code ?>_cc_cid" name="payment[cc_cid]"

app/code/Magento/AuthorizenetAcceptjs/view/adminhtml/templates/form/cc.phtml

Lines changed: 15 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -35,8 +35,14 @@ $ccExpYear = $block->getInfoData('cc_exp_year');
3535
<span><?= $block->escapeHtml(__('Credit Card Number')) ?></span>
3636
</label>
3737
<div class="admin__field-control">
38-
<input type="text" id="<?= /* @noEscape */ $code ?>_cc_number" name="payment[cc_number]"
39-
title="<?= $block->escapeHtmlAttr(__('Credit Card Number')) ?>" class="admin__control-text validate-cc-number"
38+
<input type="text"
39+
id="<?= /* @noEscape */ $code ?>_cc_number"
40+
name="payment[cc_number]"
41+
oncopy="return false;"
42+
oncut="return false;"
43+
onpaste="return false;"
44+
title="<?= $block->escapeHtmlAttr(__('Credit Card Number')) ?>"
45+
class="admin__control-text validate-cc-number"
4046
value="<?= /* @noEscape */ $block->getInfoData('cc_number') ?>"/>
4147
</div>
4248
</div>
@@ -72,10 +78,15 @@ $ccExpYear = $block->getInfoData('cc_exp_year');
7278
<span><?= $block->escapeHtml(__('Card Verification Number')) ?></span>
7379
</label>
7480
<div class="admin__field-control">
75-
<input type="text" title="<?= $block->escapeHtmlAttr(__('Card Verification Number')) ?>"
81+
<input type="text"
82+
title="<?= $block->escapeHtmlAttr(__('Card Verification Number')) ?>"
83+
oncopy="return false;"
84+
oncut="return false;"
85+
onpaste="return false;"
7686
class="required-entry validate-cc-cvn admin__control-cvn admin__control-text"
7787
id="<?= /* @noEscape */ $code ?>_cc_cid"
78-
name="payment[cc_cid]" value="<?= /* @noEscape */ $block->getInfoData('cc_cid') ?>"/>
88+
name="payment[cc_cid]"
89+
value="<?= /* @noEscape */ $block->getInfoData('cc_cid') ?>"/>
7990
</div>
8091
</div>
8192
<?php endif; ?>

app/code/Magento/Payment/view/adminhtml/templates/form/cc.phtml

Lines changed: 14 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -35,8 +35,13 @@ $ccExpYear = $block->getInfoData('cc_exp_year');
3535
<span><?= $block->escapeHtml(__('Credit Card Number')) ?></span>
3636
</label>
3737
<div class="admin__field-control">
38-
<input type="text" id="<?= /* @noEscape */ $code ?>_cc_number" name="payment[cc_number]"
39-
title="<?= $block->escapeHtmlAttr(__('Credit Card Number')) ?>" class="admin__control-text validate-cc-number"
38+
<input type="text" id="<?= /* @noEscape */ $code ?>_cc_number"
39+
name="payment[cc_number]"
40+
oncopy="return false;"
41+
oncut="return false;"
42+
onpaste="return false;"
43+
title="<?= $block->escapeHtmlAttr(__('Credit Card Number')) ?>"
44+
class="admin__control-text validate-cc-number"
4045
value="<?= /* @noEscape */ $block->getInfoData('cc_number') ?>"/>
4146
</div>
4247
</div>
@@ -72,10 +77,15 @@ $ccExpYear = $block->getInfoData('cc_exp_year');
7277
<span><?= $block->escapeHtml(__('Card Verification Number')) ?></span>
7378
</label>
7479
<div class="admin__field-control">
75-
<input type="text" title="<?= $block->escapeHtmlAttr(__('Card Verification Number')) ?>"
80+
<input type="text"
81+
title="<?= $block->escapeHtmlAttr(__('Card Verification Number')) ?>"
82+
oncopy="return false;"
83+
oncut="return false;"
84+
onpaste="return false;"
7685
class="required-entry validate-cc-cvn admin__control-cvn admin__control-text"
7786
id="<?= /* @noEscape */ $code ?>_cc_cid"
78-
name="payment[cc_cid]" value="<?= /* @noEscape */ $block->getInfoData('cc_cid') ?>"/>
87+
name="payment[cc_cid]"
88+
value="<?= /* @noEscape */ $block->getInfoData('cc_cid') ?>"/>
7989
</div>
8090
</div>
8191
<?php endif; ?>

app/code/Magento/Payment/view/adminhtml/templates/transparent/form.phtml

Lines changed: 12 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -64,7 +64,11 @@ $ccExpMonth = $block->getInfoData('cc_exp_month');
6464
<div class="admin__field-control">
6565
<input type="text" id="<?= /* @noEscape */ $code ?>_cc_number"
6666
data-container="<?= /* @noEscape */ $code ?>-cc-number"
67-
name="payment[cc_number]" title="<?= $block->escapeHtmlAttr(__('Credit Card Number')) ?>"
67+
oncopy="return false;"
68+
oncut="return false;"
69+
onpaste="return false;"
70+
name="payment[cc_number]"
71+
title="<?= $block->escapeHtmlAttr(__('Credit Card Number')) ?>"
6872
class="admin__control-text"
6973
value=""
7074
data-validate='{
@@ -115,10 +119,15 @@ $ccExpMonth = $block->getInfoData('cc_exp_month');
115119
</label>
116120

117121
<div class="admin__field-control">
118-
<input type="text" title="<?= $block->escapeHtmlAttr(__('Card Verification Number')) ?>"
122+
<input type="text"
123+
title="<?= $block->escapeHtmlAttr(__('Card Verification Number')) ?>"
124+
oncopy="return false;"
125+
oncut="return false;"
126+
onpaste="return false;"
119127
data-container="<?= /* @noEscape */ $code ?>-cc-cvv"
120128
class="admin__control-text cvv"
121-
id="<?= /* @noEscape */ $code ?>_cc_cid" name="payment[cc_cid]"
129+
id="<?= /* @noEscape */ $code ?>_cc_cid"
130+
name="payment[cc_cid]"
122131
value=""
123132
data-validate='{"required-number":true, "validate-cc-cvn":"#<?= /* @noEscape */ $code ?>_cc_type"}'
124133
autocomplete="off"/>

app/code/Magento/Payment/view/frontend/templates/form/cc.phtml

Lines changed: 18 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -43,8 +43,15 @@ $ccExpYear = $block->getInfoData('cc_exp_year');
4343
<span><?= $block->escapeHtml(__('Credit Card Number')) ?></span>
4444
</label>
4545
<div class="control">
46-
<input type="number" id="<?= /* @noEscape */ $code ?>_cc_number" name="payment[cc_number]"
47-
title="<?= $block->escapeHtmlAttr(__('Credit Card Number')) ?>" class="input-text" value=""
46+
<input type="number"
47+
id="<?= /* @noEscape */ $code ?>_cc_number"
48+
oncopy="return false;"
49+
oncut="return false;"
50+
onpaste="return false;"
51+
name="payment[cc_number]"
52+
title="<?= $block->escapeHtmlAttr(__('Credit Card Number')) ?>"
53+
class="input-text"
54+
value=""
4855
data-validate='{
4956
"required-number":true,
5057
"validate-cc-number":"#<?= /* @noEscape */ $code ?>_cc_type",
@@ -93,8 +100,15 @@ $ccExpYear = $block->getInfoData('cc_exp_year');
93100
<span><?= $block->escapeHtml(__('Card Verification Number')) ?></span>
94101
</label>
95102
<div class="control">
96-
<input type="number" title="<?= $block->escapeHtmlAttr(__('Card Verification Number')) ?>"
97-
class="input-text cvv" id="<?= /* @noEscape */ $code ?>_cc_cid" name="payment[cc_cid]" value=""
103+
<input type="number"
104+
title="<?= $block->escapeHtmlAttr(__('Card Verification Number')) ?>"
105+
oncopy="return false;"
106+
oncut="return false;"
107+
onpaste="return false;"
108+
class="input-text cvv"
109+
id="<?= /* @noEscape */ $code ?>_cc_cid"
110+
name="payment[cc_cid]"
111+
value=""
98112
data-validate='{"required-number":true, "validate-cc-cvn":"#<?= /* @noEscape */ $code ?>_cc_type"}' />
99113
<?php $content = '<img src=\"' . $block->getViewFileUrl('Magento_Checkout::cvv.png') . '\" alt=\"' .
100114
$block->escapeHtml(__('Card Verification Number Visual Reference')) .

app/code/Magento/Payment/view/frontend/templates/transparent/form.phtml

Lines changed: 16 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -59,8 +59,14 @@ $content = '<img src=\"' . $block->escapeUrl($block->getViewFileUrl('Magento_Che
5959
</label>
6060
<div class="control">
6161
<input type="number" id="<?= /* @noEscape */ $code ?>_cc_number"
62-
data-container="<?= /* @noEscape */ $code ?>-cc-number" name="payment[cc_number]"
63-
title="<?= $block->escapeHtmlAttr(__('Credit Card Number')) ?>" class="input-text" value=""
62+
data-container="<?= /* @noEscape */ $code ?>-cc-number"
63+
oncopy="return false;"
64+
oncut="return false;"
65+
onpaste="return false;"
66+
name="payment[cc_number]"
67+
title="<?= $block->escapeHtmlAttr(__('Credit Card Number')) ?>"
68+
class="input-text"
69+
value=""
6470
data-validate='{
6571
"required-number":true,
6672
"validate-cc-number":"#<?= /* @noEscape */ $code ?>_cc_type",
@@ -116,8 +122,14 @@ $content = '<img src=\"' . $block->escapeUrl($block->getViewFileUrl('Magento_Che
116122
</label>
117123
<div class="control">
118124
<input type="number" title="<?= $block->escapeHtmlAttr(__('Card Verification Number')) ?>"
119-
data-container="<?= /* @noEscape */ $code ?>-cc-cvv" class="input-text cvv"
120-
id="<?= /* @noEscape */ $code ?>_cc_cid" name="payment[cc_cid]" value=""
125+
data-container="<?= /* @noEscape */ $code ?>-cc-cvv"
126+
oncopy="return false;"
127+
oncut="return false;"
128+
onpaste="return false;"
129+
class="input-text cvv"
130+
id="<?= /* @noEscape */ $code ?>_cc_cid"
131+
name="payment[cc_cid]"
132+
value=""
121133
data-validate='{
122134
"required-number":true,
123135
"validate-cc-cvn":"#<?= /* @noEscape */ $code ?>_cc_type"

app/code/Magento/Payment/view/frontend/web/template/payment/cc-form.html

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -44,7 +44,13 @@
4444
<span><!-- ko i18n: 'Credit Card Number'--><!-- /ko --></span>
4545
</label>
4646
<div class="control">
47-
<input type="number" name="payment[cc_number]" class="input-text" value=""
47+
<input type="number"
48+
name="payment[cc_number]"
49+
oncopy="return false;"
50+
oncut="return false;"
51+
onpaste="return false;"
52+
class="input-text"
53+
value=""
4854
data-bind="attr: {
4955
autocomplete: off,
5056
id: getCode() + '_cc_number',
@@ -101,6 +107,9 @@
101107
<div class="control _with-tooltip">
102108
<input type="number"
103109
autocomplete="off"
110+
oncopy="return false;"
111+
oncut="return false;"
112+
onpaste="return false;"
104113
class="input-text cvv"
105114
name="payment[cc_cid]"
106115
value=""

app/code/Magento/Paypal/view/adminhtml/templates/transparent/form.phtml

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -64,6 +64,9 @@ $ccExpMonth = $block->getInfoData('cc_exp_month');
6464
<div class="admin__field-control">
6565
<input type="text" id="<?= /* @noEscape */ $code ?>_cc_number"
6666
data-container="<?= /* @noEscape */ $code ?>-cc-number"
67+
oncopy="return false;"
68+
oncut="return false;"
69+
onpaste="return false;"
6770
name="payment[cc_number]" title="<?= $block->escapeHtmlAttr(__('Credit Card Number')) ?>"
6871
class="admin__control-text"
6972
value=""
@@ -117,6 +120,9 @@ $ccExpMonth = $block->getInfoData('cc_exp_month');
117120
<div class="admin__field-control">
118121
<input type="text" title="<?= $block->escapeHtmlAttr(__('Card Verification Number')) ?>"
119122
data-container="<?= /* @noEscape */ $code ?>-cc-cvv"
123+
oncopy="return false;"
124+
oncut="return false;"
125+
onpaste="return false;"
120126
class="admin__control-text cvv"
121127
id="<?= /* @noEscape */ $code ?>_cc_cid" name="payment[cc_cid]"
122128
value=""

0 commit comments

Comments
 (0)