Add optional honeypot protection to your Wagtail forms.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for nickmoreton from gravatar.com nickmoreton

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT License)
  • Author: Nick Moreton
  • Tags wagtail , honeypot , forms , spam
  • Requires: Python >=3.10
Classifiers
Report project as malware

Project description

Wagtail Honeypot

Alt text

Add optional form spam protection to your Wagtail forms

It should help to reduce form spam by tricking bots into submitting data in fields that should remain empty.

How it works

When the Wagtail Form is submitted and the honeypot protection is enabled, the honeypot fields & values are available in the POST data.

It provides validation for a hidden text field that should remain empty and checks a time interval between the form being displayed and submitted.

If the form is submitted with content in the hidden field or before the interval expires the submission is ignored.

  • No email is sent
  • No submission is stored

Installation and setup

Add the package to your python environment.

pip install wagtail-honeypot

Add the package to your settings

INSTALLED_APPS = [
    ...
    "wagtail_honeypot",
    ...
]

The HoneypotFormMixin & HoneypotFormSubmissionMixin

They will add a honeypot enable/disable field to your form page model and custom form submission method.

If you follow the official Wagtail docs for the Form Builder your form should look something like this...

from wagtail_honeypot.models import (
    HoneypotFormMixin, HoneypotFormSubmissionMixin
)

class FormField(AbstractFormField):
    page = ParentalKey("FormPage", related_name="form_fields")

class FormPage(HoneypotFormMixin, HoneypotFormSubmissionMixin):
    intro = RichTextField(blank=True)
    thank_you_text = RichTextField(blank=True)

    content_panels = AbstractEmailForm.content_panels + [
        FieldPanel("intro", classname="full"),
        InlinePanel("form_fields", label="Form fields"),
        FieldPanel("thank_you_text", classname="full"),
        MultiFieldPanel(
            [
                FieldRowPanel(
                    [
                        FieldPanel("from_address", classname="col6"),
                        FieldPanel("to_address", classname="col6"),
                    ]
                ),
                FieldPanel("subject"),
            ],
            "Email",
        ),
    ]

    honeypot_panels = [
        MultiFieldPanel(
            [FieldPanel("honeypot")],
            heading="Reduce Form Spam",
        )
    ]

    edit_handler = TabbedInterface(
        [
            ObjectList(content_panels, heading="Content"),
            ObjectList(honeypot_panels, heading="Honeypot"),
            ObjectList(Page.promote_panels, heading="Promote"),
            ObjectList(Page.settings_panels, heading="Settings", classname="settings"),
        ]
    )

If you prefer you could add the honeypot field to the content_panels rather than a new Tab

# replace
edit_handler = TabbedInterface(
        [
            ObjectList(content_panels, heading="Content"),
            ObjectList(honeypot_panels, heading="Honeypot"),
            ObjectList(Page.promote_panels, heading="Promote"),
            ObjectList(Page.settings_panels, heading="Settings", classname="settings"),
        ]
    )

# with
content_panels = content_panels + honeypot_panels

Run python manage.py makemigrations and python manage.py migrate here

Honeypot Template Tag

Add the following template tag loader to your form page.

{% load honeypot_tags %}

Add the Honeypot fields template tag anywhere inside the form

<form>
...
{% honeypot_fields page.honeypot %}
...
</form>

In your Wagtail site you should now be able to add a new form page, enable the honeypot field.

Test that the honey pot field works

  1. View the newly created form page.
  2. The honeypot field is visible and could be submitted with any value.
  3. Test it out by submitting the form with the honeypot field set to any value. It won't save the form submission or send an email if you have enabled that in your form page.

Hide the Honeypot field

The honeypot field should be invisible to when viewed in a browser.

Use CSS & JS to hide the honeypot field

The package has some basic css and javascript you can use to hide the field.

Example: add the following to your form template.

<!-- recommended:
to add both but you can use one or the other -->

{% block extra_css %}
<link rel="stylesheet" href="{% static 'css/honeypot.css' %}">
{% endblock extra_css %}

<!-- alternative:
but without the css above loaded first
the field could be seen for a flash while the page loads -->

{% block extra_js %}
<script src="{% static 'js/honeypot.js' %}"></script>
{% endblock extra_js %}

The field should be visibly hidden and not be available to receive any value from a site visitor.

When rendered, the fields will have the HTML attributes tabindex="-1" autocomplete="off" aria-hidden="true" to keep them out of normal keyboard navigation, disable browser autocomplete, and hide them from assistive technology.

Developer Documentation

Developer Docs for detailed help.

Versions

Wagtail honey pot can be used in environments:

  • Python 3.10+
  • Django 4.2+
  • Wagtail 6.3+

Contributions

Contributions or ideas to improve this package are welcome.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for nickmoreton from gravatar.com nickmoreton

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT License)
  • Author: Nick Moreton
  • Tags wagtail , honeypot , forms , spam
  • Requires: Python >=3.10
Classifiers

Release history Release notifications | RSS feed

This version

1.3.0

1.2.1

1.2.0

1.1.0

1.0.0

0.2.0

0.1.0

0.0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

wagtail_honeypot-1.3.0.tar.gz (13.9 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

wagtail_honeypot-1.3.0-py3-none-any.whl (8.6 kB view details)

Uploaded Python 3

File details

Details for the file wagtail_honeypot-1.3.0.tar.gz.

File metadata

  • Download URL: wagtail_honeypot-1.3.0.tar.gz
  • Upload date:
  • Size: 13.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for wagtail_honeypot-1.3.0.tar.gz
Algorithm Hash digest
SHA256 fe580de264c01f871a40951c4761633fe9bab8b6dd9739aa176ef2ee4f96c493
MD5 12cc5cea664809498f2bc0175dffcf91
BLAKE2b-256 8fae8216abb84142b2e4a3240ed5884297c4f4a167540cc41b777b9eb54d3283

See more details on using hashes here.

Provenance

The following attestation bundles were made for wagtail_honeypot-1.3.0.tar.gz:

Publisher: release.yml on nm-packages/wagtail-honeypot

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file wagtail_honeypot-1.3.0-py3-none-any.whl.

File metadata

File hashes

Hashes for wagtail_honeypot-1.3.0-py3-none-any.whl
Algorithm Hash digest
SHA256 8816978b15bd77d2868e94fb3e64ea5339711260413e544f7bcdd9ff3fb565c4
MD5 db5f343a03d4ee652bf046eae9a3ee2d
BLAKE2b-256 0a05f2e07ae5fb188402e5e7f6ea5ecdb96874a3c2e0dc3ad05124b138a36c6a

See more details on using hashes here.

Provenance

The following attestation bundles were made for wagtail_honeypot-1.3.0-py3-none-any.whl:

Publisher: release.yml on nm-packages/wagtail-honeypot

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page