0001-misc-add-antibot-honeypot-38676.patch

Frédéric Péters, 30 avril 2020 22:34

Voir les différences: en ligne côte à côte

Subject: [PATCH] misc: add antibot honeypot (#38676)

 tests/test_form_pages.py | 11 +++++++++++
 wcs/forms/root.py        | 11 +++++++++++
 2 files changed, 22 insertions(+)

         resp.form['comment'] = 'plop'
         resp = resp.form.submit('submit')
         assert resp.location == 'http://example.net/test/1/#'
     def test_form_honeypot(pub):
         formdef = create_formdef()
         formdef.fields = [fields.StringField(id='0', label='string', required=False)]
         formdef.store()
         formdef.data_class().wipe()
         resp = get_app(pub).get('/test/')
         resp.forms[0]['f00'] = 'honey?'
         resp = resp.forms[0].submit('submit')
         assert 'Honey pot should be left untouched.' in resp

                 form.add_submit('savedraft', _('Save Draft'), css_class='save-draft',
                         attrs={'style': 'display: none'})
             # add fake field as honey pot
             honeypot = form.add(StringWidget, 'f00', value='',
                     title=_('leave this field blank to prove your humanity'),
                     size=25)
             honeypot.is_hidden = True
             context = {
                 'view': self,
                 'form': form,
-...
                             form.set_error('post_condition%d' % i, 'error')
                             page_error_messages.append(error_message)
                 if get_request().form.get('f00'):
                     form.add(HiddenErrorWidget, 'honeypot')
                     form.set_error('honeypot', 'error')
                     page_error_messages.append(_('Honey pot should be left untouched.'))
                 # form.get_submit() returns the name of the clicked button, and
                 # it will return True if the form has been submitted, but not
                 # by clicking on a submit widget; for example if an "add row"
+    -

Produits Entr'ouvert » w.c.s.