1
0
Fork 1
forked from fedi/mastodon
mastodon/app/controllers/concerns
ThibG 49eb4d4ddf
Add honeypot fields and minimum fill-out time for sign-up form (#15276)
* Add honeypot fields to limit non-specialized spam

Add two honeypot fields: a fake website input and a fake password confirmation
one. The label/placeholder/aria-label tells not to fill them, and they are
hidden in CSS, so legitimate users should not fall into these.

This should cut down on some non-Mastodon-specific spambots.

* Require a 3 seconds delay before submitting the registration form

* Fix tests

* Move registration form time check to model validation

* Give people a chance to clear the honeypot fields

* Refactor honeypot translation strings

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-12-10 06:27:26 +01:00
..
account_controller_concern.rb Add ActivityPub secure mode (#11269) 2019-07-11 20:11:09 +02:00
account_owned_concern.rb Add support for reversible suspensions through ActivityPub (#14989) 2020-11-08 00:28:39 +01:00
accountable_concern.rb Add logging of admin actions (#5757) 2017-11-24 02:05:53 +01:00
authorization.rb Add moderator role and add pundit policies for admin actions (#5635) 2017-11-11 20:23:33 +01:00
cache_concern.rb Make Array-creation behavior of Paginable more predictable (#14687) 2020-08-31 12:47:09 +02:00
challengable_concern.rb Bump rubocop from 0.86.0 to 0.88.0 (#14412) 2020-09-01 03:04:00 +02:00
export_controller_concern.rb Refactor settings controllers (#14767) 2020-09-11 20:56:35 +02:00
localized.rb Fix not working I18n on 2FA and Sign in token page (#14087) 2020-06-20 13:30:13 +02:00
rate_limit_headers.rb Add specific rate limits for posting and following (#13172) 2020-03-08 15:17:39 +01:00
registration_spam_concern.rb Add honeypot fields and minimum fill-out time for sign-up form (#15276) 2020-12-10 06:27:26 +01:00
session_tracking_concern.rb Update session activation time (fixes #5605) (#7408) 2018-05-11 13:20:58 +02:00
sign_in_token_authentication_concern.rb Fix 2FA/sign-in token sessions being valid after password change (#14802) 2020-11-12 23:05:01 +01:00
signature_authentication.rb Allow retrieval of private statuses (single or in outbox) using HTTP signatures (#6225) 2018-02-02 10:19:59 +01:00
signature_verification.rb Tweak signature verification (#15069) 2020-11-01 23:38:31 +01:00
status_controller_concern.rb Refactor controllers for statuses, accounts, and more (#11249) 2019-07-08 12:03:45 +02:00
two_factor_authentication_concern.rb Fix 2FA/sign-in token sessions being valid after password change (#14802) 2020-11-12 23:05:01 +01:00
user_tracking_concern.rb Fix 2FA/sign-in token sessions being valid after password change (#14802) 2020-11-12 23:05:01 +01:00