Reputation: 7152
Preventing spam submission via form using a hidden field
My boss hates captcha's and well, so do I even if they work. She instead suggests using a hidden field so that if it is filled out [by robots] that the form should not be submitted. Are there downsides to this method?
Upvotes: 1
Views: 4561
Answers (2)
Reputation: 870
The method you described is typically referred to as a honeypot. While some sites have had success with them in the past your results will vary depending on the value of spamming your site. Also, with honeypots getting more widespread adoption spammers are using smarter pieces of software that can circumvent these types of traps. I suggest you take a look at this proof-of-work service that will allow you to use better bot fighting techniques that are still invisible to your users. That said, for things that have serious security implications (e.g. forgot password) I strongly recommend you use a CAPTCHA.
Upvotes: 3
Reputation: 3093
You could trick any robot by exchanging the functions of the submit-button and the cancel-button:
$('form').submit(function(e){
e.preventDefault();
// remove user values
});
$('button').click(function(e){
e.preventDefault();
var data = $('form').serializeArray();
data['human'] = true; // hidden value
$.post('example.com', data);
});
Upvotes: 0
Related Questions
- Preventing a form from being submitted by spamming visitor
- Preventing bot form submission
- How can I intercept a JavaScript-triggered form submission?
- Can I prevent spam bots from submitting a form if its hidden?
- prevent spam using input type hidden
- using hidden form field to reduce spam
- Exclude hidden form fields from submit
- Is my form safe from spam bots?
- Protecting Froms From Scriptable Spamming
- Using jQuery with form to eliminate spam