Hello,
My form is not submitting and I can't figure out why. Has anyone had this problem before? Here is an example of the URL where the form lives:
Solved! Go to Solution.
You can try to use the honeypot concept, but there's no need to do anything in JS. It's only on the server that it makes sense (in a trigger SC, you would see if a New Lead unexpectedly has a value for a field that should be blank).
I recommend a ReCAPTCHA over the honeypot, but you can hook up the honeypot and see what happens.
The reason the honeypot is doomed if someone targets your form with some intelligence is that by doing a sample form post, it's easy to see that field posts no value by default (even if it weren't clear from your JS!).
Boggles my mind (not blaming you!) that after 20 years of web forms, people still suggest browser-side JS to combat clients that aren't browsers.
did you put custom code on this page?
Hey Josh,
This is a custom landing page template that we use.
Trevor, it works for me.
Thanks all for checking on this. I found that this was related to the honeypot script we use on landing page templates to prevent bots from submitting forms.
The form I was using did not have the hidden "honeypot" field so the script in the template was preventing all form submissions. Once I added the hidden field, it fixed the issue.
Thanks!
Trevor, it doesn't make any sense to check the honeypot value from JS. The whole concept (which has limited efficacy anyway) is that a bot won't use JavaScript, instead blindly filling all fields. You check the honeypot on the server, not on the client side.
Hey Sanford,
This is the method we used to add the honeypot a while back. Is this incorrect?
http://jennamolby.com/how-to-prevent-form-spam-by-using-the-honeypot-technique/
Thanks!
The method makes no sense.
If I'm going to be caught by the "secret" rule that the honeypot should be left blank, I'm not using JS to submit the form. I'm skipping the JS, presumably having scraped all the <input> elements and assuming they all should have a value.
In fact by publishing the rule in the JS you're making it even easier for someone to see, "Oh, the <input name="honeypot"> is fake, let me leave that out of my bot script."
Thanks, Sanford!
I am not familiar with how a bot script approaches filling out forms so this is helpful.
Would you recommend removing this entirely? Is it a waste to try to prevent these bot form fills or is there a better method?
You can try to use the honeypot concept, but there's no need to do anything in JS. It's only on the server that it makes sense (in a trigger SC, you would see if a New Lead unexpectedly has a value for a field that should be blank).
I recommend a ReCAPTCHA over the honeypot, but you can hook up the honeypot and see what happens.
The reason the honeypot is doomed if someone targets your form with some intelligence is that by doing a sample form post, it's easy to see that field posts no value by default (even if it weren't clear from your JS!).
Boggles my mind (not blaming you!) that after 20 years of web forms, people still suggest browser-side JS to combat clients that aren't browsers.