mastodon/app/controllers/concerns/registration_spam_concern.rb at 5bc8e2d1fdc3f1b1a0b9af5aed762d44e048250c - gearheads/mastodon - Zio Git

gearheads/mastodon

Archived

This repository has been archived on 2024-06-09. You can view files and clone it, but you cannot make any changes to it's state, such as pushing and creating new issues, pull requests or comments.

ThibG 49eb4d4ddf

Add honeypot fields and minimum fill-out time for sign-up form (#15276 )

* Add honeypot fields to limit non-specialized spam

Add two honeypot fields: a fake website input and a fake password confirmation
one. The label/placeholder/aria-label tells not to fill them, and they are
hidden in CSS, so legitimate users should not fall into these.

This should cut down on some non-Mastodon-specific spambots.

* Require a 3 seconds delay before submitting the registration form

* Fix tests

* Move registration form time check to model validation

* Give people a chance to clear the honeypot fields

* Refactor honeypot translation strings

Co-authored-by: Claire <claire.github-309c@sitedethib.com>

2020-12-10 06:27:26 +01:00

9 lines

190 B

Ruby

Raw Blame History

 # frozen_string_literal: true
 module RegistrationSpamConcern
   extend ActiveSupport::Concern
   def set_registration_form_time
     session[:registration_form_time] = Time.now.utc
   end
 end