New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Form spam protection request #614

Closed
deepsurface opened this Issue Apr 19, 2016 · 5 comments

Comments

Projects
None yet
3 participants
@deepsurface

deepsurface commented Apr 19, 2016

I would like to see some type of spam prevention solution for forms built in to version 2.

After updating to V2, my form spam has increased significantly. It has gone from one every few months to about one a day. I would rather not inflict this on my clients with forms. Honeypot for Raven in V1 must have been more successful than I realized.

Forcing visitors to deal with Captcha or reCaptcha is something I'm loathe to do and it would be great to have an invisible solution like honeypot available in this version.

@lesaff

This comment has been minimized.

lesaff commented Apr 19, 2016

We use Ajax for our v2 form and implemented our own honeypot.

In your form

<input type="text" style="display:none;visibility:hidden" id="honeypot" name="honeypot" />

In your JS (I am using JQuery but you can get by without, just need to refactor it to vanilla JS)

var honeypot = $('#honeypot').val();
var form = $('#myform');

form.submit(function(e){
    e.preventDefault();

    if (honeypot == '' || honeypot == null) {

        $.ajax({
            type: 'POST',
            url: '/!/Form/create',
            data: form.serialize(),
            success: function(data) {
                // Do whatever you need to do
            }
        });
    }
 });
@jasonvarga

This comment has been minimized.

Member

jasonvarga commented Apr 19, 2016

I saw you mention the spam problem in the Slack room and wondered why updating to v2 alone would become an issue.

Sounds like you used Honeypot in v1, but not in v2. Is that right?

@deepsurface

This comment has been minimized.

deepsurface commented Apr 19, 2016

That's right. I didn't try it because I didn't see a mention of honeypot or spam in the new docs. Does it still work in V2?

@jasonvarga

This comment has been minimized.

Member

jasonvarga commented Apr 19, 2016

Nope. We'll be adding that.

@deepsurface

This comment has been minimized.

deepsurface commented Apr 19, 2016

Thanks, Rudy. Didn't realize it was that easy.

Sounds good, Jason.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment