Using Anti Spam Fields in Enterprise Forms
Enterprise Forms provides an Anti Spam field, which can be configured as either a Slider or a Honeypot field.
Slider
When an Anti Spam field is configured as Slider, the idea is that the site renders a slider (or another front-end widget), which dynamically (through Javascript) adds a name-value pair to the to-be-protected form. Upon submission of the form, the back-end applies the Slider's validation rule, which requires the Slider field to be present and non-empty.
The Enterprise Forms demo project includes an "Anti-Spam Form" with a Slider, which uses a jQuery-based slider widget. Consult the relevant demo templates to see how the demo project supports Anti Spam fields of type Slider.
Honeypot
When an Anti Spam field is configured as Honeypot, the idea is that the field is rendered invisible, such that normal (human) users do not see it and don't fill in a value. Upon submission of the form, the back-end applies the Honeypot's validation rule, which requires the Honeypot field to be empty.
The Enterprise Forms demo project includes an "Anti-Spam Form" with a Honeypot, which is rendered with the specified custom CSS class (which would typically trigger a CSS display:none value), or a style="display:none" attribute if no custom CSS class is specified. Consult the relevant demo templates to see how the demo project supports Anti Spam fields of type Honeypot.
Disabling Anti Spam fields
By default, the Anti Spam field type is shown in the CMS' form editor, so it can be added to new or existing form documents. If your project does not wish to support this field type, we recommend to disable it in order to avoid building broken forms or creating a false sense of protection (see Note above). The Anti Spam field type (or any other field type) can be disabled in the repository-based configuration of the Enterprise Forms document type (eforms:form). In the Console, navigate to
/hippo:namespaces/eforms/form/editor:templates/_default_/root/cluster.options
and add the following value to the multi-valued String-property field.exclude:
com.onehippo.cms7.eforms.cms.fields.AntiSpamField
In order to automatically roll out this change into a production environment, we recommend adding a hippo:contentpropadd initialize item to the hippoecm-extension.xml file of your project's configuration bootstrap module:
<sv:node sv:name="eforms-disable-antispam-field-delta"> <sv:property sv:name="jcr:primaryType" sv:type="Name"> <sv:value>hippo:initializeitem</sv:value> </sv:property> <sv:property sv:name="hippo:sequence" sv:type="Double"> <sv:value>30000</sv:value> </sv:property> <sv:property sv:name="hippo:contentroot" sv:type="String"> <sv:value>/hippo:namespaces/eforms/form/editor:templates/_default_/root/cluster.options/field.exclude</sv:value> </sv:property> <sv:property sv:name="hippo:contentpropadd" sv:type="String"> <sv:value>com.onehippo.cms7.eforms.cms.fields.AntiSpamField</sv:value> </sv:property> </sv:node>