mastodon/app/controllers/concerns
ThibG 49eb4d4ddf
Add honeypot fields and minimum fill-out time for sign-up form (#15276)
* Add honeypot fields to limit non-specialized spam

Add two honeypot fields: a fake website input and a fake password confirmation
one. The label/placeholder/aria-label tells not to fill them, and they are
hidden in CSS, so legitimate users should not fall into these.

This should cut down on some non-Mastodon-specific spambots.

* Require a 3 seconds delay before submitting the registration form

* Fix tests

* Move registration form time check to model validation

* Give people a chance to clear the honeypot fields

* Refactor honeypot translation strings

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-12-10 06:27:26 +01:00
..
account_controller_concern.rb
account_owned_concern.rb
accountable_concern.rb
authorization.rb
cache_concern.rb
challengable_concern.rb
export_controller_concern.rb
localized.rb
rate_limit_headers.rb
registration_spam_concern.rb Add honeypot fields and minimum fill-out time for sign-up form (#15276) 2020-12-10 06:27:26 +01:00
session_tracking_concern.rb
sign_in_token_authentication_concern.rb Fix 2FA/sign-in token sessions being valid after password change (#14802) 2020-11-12 23:05:01 +01:00
signature_authentication.rb
signature_verification.rb
status_controller_concern.rb
two_factor_authentication_concern.rb Fix 2FA/sign-in token sessions being valid after password change (#14802) 2020-11-12 23:05:01 +01:00
user_tracking_concern.rb Fix 2FA/sign-in token sessions being valid after password change (#14802) 2020-11-12 23:05:01 +01:00