Add error report spam protection honeypot #2040
Open
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I have been experiencing an increase in spam mails via the error report form.
I agree with the comments and closing of #1211. However, bot farm requests from different origins are now creating almost daily Tickets across our SSP instances.
This patch adds a simple Honeypot with the common input name "name".
I have added it to some of our prod-instances and have not received any spam error reports and no false positives from them ever since.
It is easy to test by setting the "name" input value to a non-empty string via the browsers Inspect-function before submitting the report and does not effect real error reports due to the input element being invisible to human users.