[RFC] Hide captcha field for users and add honeypot field #832
Conversation
|
Awesome, thank you @ausi. |
|
|
||
| <?php if (!$this->hasErrors()): ?> | ||
| <div style="display:none"> | ||
| <label for="ctrl_<?= $this->id ?>_hp">Do not fill out this field</label> |
There was a problem hiding this comment.
In English should be fill in this field and I wonder if we should translate it anyway for screenreaders? Also I wonder if there's some WAI-ARIA directive to improve usability for handicapped people.
There was a problem hiding this comment.
Yes, the PR wasn’t completely finished, thats why I added [RFC], not [RTM] :)
Because there is a display:none div directly around it, no user and no screenreader user will see that in 99.9999% of cases.
But yes, we should change it to Do not fill in this field and translate it.
There was a problem hiding this comment.
With display:none, the message will never be read out by screen readers. We do not need to translate it therefore.
|
@leofeyer should we restructure |
|
Followup: #835 |
|
@ausi Does this new function replace your anti-spam-extension? In other words, is it the same? |
|
It works with the same principles: time check, JS check and a honeypot field. So I think it should offer the same protection. The biggest difference to the anti-spam extension is the naming of the honeypot field I think. The extension tries to use very attractive names, but this can have conflict problems with other fields in the form. |
|
We could improve the new feature like "if there is no field named Does this make sense? And is it worth the effort? |
|
The "if there is no email" does not work reliably. You could determine that in the loadFormField hook in case of the form generator but the captcha is used elsewhere too. Like comments form or whatever the developers did directly with that widget. I think the honeypot field is going to work anyway. |
With these changes we would achieve the following: