Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Some spammers are hip to the hidden field trick.

Let's see if using a regular input with "display: none" is better.
  • Loading branch information...
commit ec0bcbfcd4581fdfa090a2719f9d5ec3b7c01c5b 1 parent 3332e46
@hardbap authored
Showing with 12 additions and 7 deletions.
  1. +4 −3 lib/trap_door.rb
  2. +8 −4 test/trap_door_test.rb
View
7 lib/trap_door.rb
@@ -1,6 +1,6 @@
module TrapDoor
mattr_accessor :honeypot_field_name
-
+
def self.included(controller)
self.honeypot_field_name = honeypot_field_name || :affiliate_id
controller.extend(ClassMethods)
@@ -20,10 +20,11 @@ def check_params
redirect_to 'http://en.wikipedia.org/wiki/User:Mike_Rosoft/Spambot' unless params[honeypot_field_name.to_sym].blank?
end
end
-
+
module TrapDoorHelper
def trap_door_field(options = {})
- hidden_field_tag(TrapDoor.honeypot_field_name, '', options)
+ options = options.reverse_merge({:style => 'display:none;'})
+ text_field_tag(TrapDoor.honeypot_field_name, '', options)
end
end
end
View
12 test/trap_door_test.rb
@@ -28,7 +28,7 @@ def setup
get :create
assert_response :success
end
-
+
test "should not redirect if honypot param is blank" do
get :create, :affiliate_id => ""
assert_response :success
@@ -48,17 +48,21 @@ def setup
class TrapDoorHelperTest < ActionView::TestCase
tests TrapDoor::TrapDoorHelper
-
+
def setup
TrapDoor.honeypot_field_name = :affiliate_id
end
test "should render the trap door field" do
- assert_dom_equal('<input name="affiliate_id" id="affiliate_id" value="" type="hidden" />', trap_door_field)
+ assert_dom_equal('<input name="affiliate_id" id="affiliate_id" value="" type="text" style="display:none;" />', trap_door_field)
end
test "should use the user defined honeypot field name" do
TrapDoor.honeypot_field_name = :spambot_id
- assert_dom_equal('<input name="spambot_id" id="spambot_id" value="" type="hidden" />', trap_door_field)
+ assert_dom_equal('<input name="spambot_id" id="spambot_id" value="" type="text" style="display:none;" />', trap_door_field)
+ end
+
+ test "should not override user supplied options" do
+ assert_dom_equal('<input name="affiliate_id" id="affiliate_id" value="" type="text" style="font:red;" />', trap_door_field(:style => 'font:red;'))
end
end
Please sign in to comment.
Something went wrong with that request. Please try again.