[Vtigercrm-developers] webforms spammy content
nilay khatri
nilay.spartan at gmail.com
Sat Jul 24 10:48:20 GMT 2021
That's the problem, technically and operationally!
Technically bots can bypass your validations in different ways. This when
combined with the operational issue where 2 teams are involved, website dev
and crm dev teams, it becomes a pain to manage.
However you can create abstraction such that the website team takes care of
client side validation and at CRM side we add event listeners to
sanitize/pre-process the form data.
Potentially with this you can even map fields from Lead gen forms like on
FB, Insta, Webhooks data etc. to webforms :)
On Sat, Jul 24, 2021 at 4:07 PM Alan Lord <alanslists at gmail.com> wrote:
> We generally pre-process/sanitise/validate the form before submitting to
> the vtiger webform.
>
> Al
>
>
> On 24/07/2021 11:00, nilay khatri wrote:
> > This is one of the discussions carried upon earlier, where I pointed to
> > trigger events on webform submissions.
> >
> > This is one of the example situations where you want to add some sort of
> > filter before the webform gets submitted.
> >
> > Another scenario is where you might like to lookup if there is an
> > existing contact based on email/phone and link the form data.
> >
> > BDW, captcha support is still not fixed/updated for webforms since 3
> years.
> >
> > https://code.vtiger.com/vtiger/vtigercrm/issues/1266
> > <https://code.vtiger.com/vtiger/vtigercrm/issues/1266>
> > https://code.vtiger.com/vtiger/vtigercrm/issues/1265
> > <https://code.vtiger.com/vtiger/vtigercrm/issues/1265>
> > https://code.vtiger.com/vtiger/vtigercrm/issues/954
> > <https://code.vtiger.com/vtiger/vtigercrm/issues/954>
> >
> > On Sat, Jul 24, 2021 at 11:55 AM Prasad <prasad at vtiger.com
> > <mailto:prasad at vtiger.com>> wrote:
> >
> > Description text-area is capturing the incoming content as text and
> > displaying it.
> >
> > You can add a pre-save handler to pre-process and reject.
> >
> > On Sat, Jul 24, 2021 at 12:59 AM Rubén A. Estrada Orozco
> > <rulotec1 at gmail.com <mailto:rulotec1 at gmail.com>> wrote:
> >
> > Hi ,
> >
> > I have a webform in a webpage with a reCaptcha "I'm not a
> > robot" checkbox.
> >
> > However, lately I've been receiving leads in vtiger with a
> > description like this:
> >
> > Ideal para ti
> > <a href="https://bit.ly/3zqbZMl <https://bit.ly/3zqbZMl>"><img
> > src="
> https://lh3.googleusercontent.com/proxy/ytyaxlg_7yvuaSla5AjOvXO1TwrBllb1RPAeeb7BmRcerhx2vL2uWLEDUSctpRoSJ6U0pmbLdKKcRGIT33YX83kYY7Vg_cE_Hg
> > <
> https://lh3.googleusercontent.com/proxy/ytyaxlg_7yvuaSla5AjOvXO1TwrBllb1RPAeeb7BmRcerhx2vL2uWLEDUSctpRoSJ6U0pmbLdKKcRGIT33YX83kYY7Vg_cE_Hg
> >"
> >
> alt="ytyaxlg_7yvuaSla5AjOvXO1TwrBllb1RPAeeb7BmRcerhx2vL2uWLEDUSctpRoSJ6U0pmbLdKKcRGIT33YX83kYY7Vg_cE_Hg"
> > /></a>
> >
> >
> > This is how I see it in Vtiger:
> >
> > image.png
> >
> > Not sure whether that's a hacking attempt and if I should be
> > worried. Shouldn't the webforms module filter html tags and such
> > kind of contents?
> >
> > Please share your thoughts!
> >
> > Saludos
> >
> > Rubén
> > _______________________________________________
> > http://www.vtiger.com/ <http://www.vtiger.com/>
> >
> > _______________________________________________
> > http://www.vtiger.com/ <http://www.vtiger.com/>
> >
> >
> > _______________________________________________
> > http://www.vtiger.com/
> >
> _______________________________________________
> http://www.vtiger.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20210724/1e9ed024/attachment.html>
More information about the vtigercrm-developers
mailing list