Spam bypasses field validation by disabling Javascript | ww.wp.xz.cn

blacklp
(@blacklp)

5 years, 2 months ago

I have a form with a text field for postcode (UK format),and have used a pattern to ensure that the input is in a suitable format (2 letters followed by 1 or 2 numbers, and so on).

This works just fine in testing, but we were still getting spam with postcode set to ‘123456’ – which doesn’t match the pattern so should’t have been accepted.

I have found that all validation can be bypassed by disabling Javascript in the browser. (There’s even a Firefox add-in to make this easy to do!)

Is there any way to reject form submissions when Javascript is disabled?

Thanks,
Peter

The topic ‘Spam bypasses field validation by disabling Javascript’ is closed to new replies.

Tags

0 replies
1 participant
Last reply from: blacklp
Last activity: 5 years, 2 months ago
Status: not resolved