使用 jQuery 和表单来消除垃圾邮件
我在网页上放置了一个表单,用户可以在其中向我们发送数据。不幸的是,网站管理员确实通过此表单收到了大量垃圾邮件,并且有效的提交内容被埋没了。
我已经使用验证码来绕过这个问题。但我认为每个人都会同意验证码对用户来说是一个很大的烦恼。
我切换到另一个解决方案:现在提交表单的 URL 指向 null:
<form id="sendDataForm" action="/null" method="post">
...
</form>
并且我使用 jQuery Excellent 表单插件:
$('#sendDataForm').ajaxForm({
url: '/ajax-data/'
});
从那时起,没有垃圾邮件到达网站管理员,并且有效的评论可以通过。唯一的缺点是没有 JavaScript 的用户无法向我们发送表单。但由于这是在 JavaScript Web 应用程序之上,因此我们可以放心地假设这些用户不是有效用户。
我的问题是:在一个 99% 的用户启用了 javascript 的世界中(并且可以为这些用户构建使用验证码的机制),为什么这个解决方案没有被更多地使用?我没有看到什么缺点?
I have put a form on a web page where the user can send us data. Unfortunately, the webmaster does get a lot of spam through this form and the valid submissions gets buried.
I have used captcha to bypass this problem. But I think that everyone would agree that captcha is a big annoyance to users.
I switched to another solution: now the URL of the submit form points to null:
<form id="sendDataForm" action="/null" method="post">
...
</form>
And I bypass the form submission using jQuery excellent form plugin:
$('#sendDataForm').ajaxForm({
url: '/ajax-data/'
});
Since then, no spam has reached the webmaster, and valid comments gets through. The only drawbacks is that users without javascript cannot send us the form. But since this is on top of a javascript web application, we can safely assume that these are not valid users.
My question is: in a world where 99% of users has javascript enabled (and a mechanism for those user could be build that uses captcha), why is this solution not more used? What drawback am I not seeing?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
这最终是一场打地鼠的游戏。它起作用的原因是因为它没有被更多地使用,如果是的话,垃圾邮件机器人将通过更新来解决它。最终您只是发出一个 http 请求,并且可以自动化。
It is ultimately a game of whack a mole. The reason it works is because it is not more used, if it were the spam bots would be updates to work around it. Ultimately you are just making an http request and that can be automated.
我什至不在 javascript 应用程序中使用 form 标签。
I don't even use the form tag in javascript apps.
我们混淆了必须使用 JavaScript 在线发布的电子邮件地址。这是一个很好的技巧,但只会导致大多数垃圾邮件机器人忽略 JavaScript。它并不能保证保护任何东西,只是一种使电子邮件地址收集者更难获取信息的工具。
We obfuscated email addresses that we have to post online with JavaScript. It's a good trick, but only cause most spam bots ignore JavaScript. It's not a guarantee to protect anything, just a tool to make it harder for email address harvesters to get information.