diff options
| author | ThibG <thib@sitedethib.com> | 2020-12-10 06:27:26 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-12-10 06:27:26 +0100 |
| commit | 49eb4d4ddf61e25c5aaab89aa630ddd3c7f3c23d (patch) | |
| tree | 3ed700750271b0ac8892f2282325d9838b915446 /app/controllers/about_controller.rb | |
| parent | 9669167aaeaa834dcc99fa7df961c4f9b8118850 (diff) | |
Add honeypot fields and minimum fill-out time for sign-up form (#15276)
* Add honeypot fields to limit non-specialized spam Add two honeypot fields: a fake website input and a fake password confirmation one. The label/placeholder/aria-label tells not to fill them, and they are hidden in CSS, so legitimate users should not fall into these. This should cut down on some non-Mastodon-specific spambots. * Require a 3 seconds delay before submitting the registration form * Fix tests * Move registration form time check to model validation * Give people a chance to clear the honeypot fields * Refactor honeypot translation strings Co-authored-by: Claire <claire.github-309c@sitedethib.com>
Diffstat (limited to 'app/controllers/about_controller.rb')
| -rw-r--r-- | app/controllers/about_controller.rb | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/app/controllers/about_controller.rb b/app/controllers/about_controller.rb index abd1ec0cb..dcad5d3b4 100644 --- a/app/controllers/about_controller.rb +++ b/app/controllers/about_controller.rb @@ -1,12 +1,15 @@ # frozen_string_literal: true class AboutController < ApplicationController + include RegistrationSpamConcern + layout 'public' before_action :require_open_federation!, only: [:show, :more] before_action :set_body_classes, only: :show before_action :set_instance_presenter - before_action :set_expires_in, only: [:show, :more, :terms] + before_action :set_expires_in, only: [:more, :terms] + before_action :set_registration_form_time, only: :show skip_before_action :require_functional!, only: [:more, :terms] |