You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by dk...@apache.org on 2019/09/18 19:37:28 UTC

[sling-org-apache-sling-app-cms] branch master updated: SLING-8719 - Adding support for basic security via a 'honeypot' field, e.g. spam trap

This is an automated email from the ASF dual-hosted git repository.

dklco pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-app-cms.git


The following commit(s) were added to refs/heads/master by this push:
     new 4b455f9  SLING-8719 - Adding support for basic security via a 'honeypot' field, e.g. spam trap
4b455f9 is described below

commit 4b455f9dad40d073845001c60c6cb8baa6614563
Author: Dan Klco <dk...@apache.org>
AuthorDate: Wed Sep 18 15:37:21 2019 -0400

    SLING-8719 - Adding support for basic security via a 'honeypot' field,
    e.g. spam trap
---
 .../forms/impl/fields/HoneypotHandler.java         | 52 ++++++++++++++++++++++
 .../components/forms/fields/honeypot.json          |  6 +++
 .../components/forms/fields/honeypot/edit.json     | 23 ++++++++++
 .../components/forms/fields/honeypot/honeypot.jsp  | 23 ++++++++++
 4 files changed, 104 insertions(+)

diff --git a/reference/src/main/java/org/apache/sling/cms/reference/forms/impl/fields/HoneypotHandler.java b/reference/src/main/java/org/apache/sling/cms/reference/forms/impl/fields/HoneypotHandler.java
new file mode 100644
index 0000000..5dfc51c
--- /dev/null
+++ b/reference/src/main/java/org/apache/sling/cms/reference/forms/impl/fields/HoneypotHandler.java
@@ -0,0 +1,52 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sling.cms.reference.forms.impl.fields;
+
+import java.util.Map;
+
+import org.apache.commons.lang3.StringUtils;
+import org.apache.sling.api.SlingHttpServletRequest;
+import org.apache.sling.api.resource.Resource;
+import org.apache.sling.cms.reference.forms.FieldHandler;
+import org.apache.sling.cms.reference.forms.FormException;
+import org.osgi.service.component.annotations.Component;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+@Component(service = FieldHandler.class)
+public class HoneypotHandler implements FieldHandler {
+
+    private static final Logger log = LoggerFactory.getLogger(HoneypotHandler.class);
+
+    @Override
+    public boolean handles(Resource fieldResource) {
+        String resourceType = fieldResource.getResourceType();
+        return "reference/components/forms/fields/honeypot".equals(resourceType);
+    }
+
+    @Override
+    public void handleField(SlingHttpServletRequest request, Resource fieldResource, Map<String, Object> formData)
+            throws FormException {
+        log.trace("handleField");
+        String name = FieldHandler.getName(fieldResource);
+        String value = request.getParameter(name);
+        if (!StringUtils.isBlank(value)) {
+            throw new FormException("Triggered honeypot " + name);
+        }
+    }
+
+}
diff --git a/reference/src/main/resources/jcr_root/apps/reference/components/forms/fields/honeypot.json b/reference/src/main/resources/jcr_root/apps/reference/components/forms/fields/honeypot.json
new file mode 100644
index 0000000..563e4be
--- /dev/null
+++ b/reference/src/main/resources/jcr_root/apps/reference/components/forms/fields/honeypot.json
@@ -0,0 +1,6 @@
+{
+    "jcr:primaryType" : "sling:Component",
+    "jcr:title": "Honeypot",
+    "componentType": "Form Field",
+    "reloadPage": true
+}
\ No newline at end of file
diff --git a/reference/src/main/resources/jcr_root/apps/reference/components/forms/fields/honeypot/edit.json b/reference/src/main/resources/jcr_root/apps/reference/components/forms/fields/honeypot/edit.json
new file mode 100644
index 0000000..e7dcc7d
--- /dev/null
+++ b/reference/src/main/resources/jcr_root/apps/reference/components/forms/fields/honeypot/edit.json
@@ -0,0 +1,23 @@
+ {
+    "jcr:primaryType": "nt:unstructured",
+    "sling:resourceType": "sling-cms/components/editor/slingform",
+    "button": "Save",
+    "fields": {
+        "jcr:primaryType": "nt:unstructured",
+        "sling:resourceType": "sling-cms/components/general/container",
+        "containerClass": {
+            "jcr:primaryType": "nt:unstructured",
+            "sling:resourceType": "sling-cms/components/editor/fields/text",
+            "label": "Container Class",
+            "name": "containerClass",
+            "required": true
+        },
+        "name": {
+            "jcr:primaryType": "nt:unstructured",
+            "sling:resourceType": "sling-cms/components/editor/fields/text",
+            "label": "Honeypot Name",
+            "name": "name",
+            "required": true
+        }
+    }
+}
\ No newline at end of file
diff --git a/reference/src/main/resources/jcr_root/apps/reference/components/forms/fields/honeypot/honeypot.jsp b/reference/src/main/resources/jcr_root/apps/reference/components/forms/fields/honeypot/honeypot.jsp
new file mode 100644
index 0000000..9b9e4e1
--- /dev/null
+++ b/reference/src/main/resources/jcr_root/apps/reference/components/forms/fields/honeypot/honeypot.jsp
@@ -0,0 +1,23 @@
+<%-- /*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */ --%>
+<%@include file="/libs/sling-cms/global.jsp"%>
+<div class="${properties.containerClass}">
+    <label for="${properties.name}">Do Not Fill This Out</label>   
+    <textarea name="${properties.name}" id="${properties.name}" rows="1" cols="1"></textarea>
+</div>
\ No newline at end of file