Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@hettiger/ngx-spa-honeypot

Package Overview
Dependencies
Maintainers
1
Versions
1
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@hettiger/ngx-spa-honeypot

Angular Frontend Companion Library for hettiger/spa-honeypot

  • 0.0.1
  • latest
  • npm
  • Socket score

Version published
Weekly downloads
0
decreased by-100%
Maintainers
1
Weekly downloads
 
Created
Source

@hettiger/ngx-spa-honeypot

Angular Frontend Companion Library for the Laravel PHP package hettiger/spa-honeypot.

This project was generated with Angular CLI version 14.2.3.

Development server (Demo Application)

Run ng serve demo for a dev server. Navigate to http://localhost:4200/. The application will automatically reload if you change any of the source files.

Code scaffolding

Run ng generate component component-name to generate a new component. You can also use ng generate directive|pipe|service|class|guard|interface|enum|module.

Build

Run npm run build to build the project. The build artifacts will be stored in the dist/ directory.

Don't run ng build manually. There are additional pre- and post-build-steps involved.

Running unit tests

Run ng test to execute the unit tests via Karma.

Publish

Run npm run publish to build and publish the project.

Further help

To get more help on the Angular CLI use ng help or go check out the Angular CLI Overview and Command Reference page.

Configuration

Without any customization on the backend configuration can be skipped entirely. However, a configuration may be required when customization takes place. Apply your configuration as follows:

import { SPA_HONEYPOT_CONFIG, SpaHoneypotConfig } from 'ngx-spa-honeypot';

@NgModule({
  providers: [
    {
      provide: SPA_HONEYPOT_CONFIG,
      useFactory: (): SpaHoneypotConfig => ({
        domainTokenRoutePathMap: {
          'api.domain.tld': 'token',
        },
      }),
    },
  ],
  // …
})
export class AppModule {}

See SpaHoneypotConfig for documentation on individual configuration values.

Honeypot Input Field

There are numerous ways to add a honeypot field which is actually a good thing. This package does not try to provide a one size fits all solution because bots could easily optimize for that. Instead, you should simply add your honeypot fields exactly the same way that you would add any other form field. However, there are some things to consider:

  • Hide your honeypot field in a non-obvious way (e.g. repositioning via first-child CSS selector)
  • Add the tabindex="-1" attribute so users don't navigate to the honeypot field using the Tab key
  • Add the autocomplete="off" attribute when applicable so browsers don't fill out the honeypot field

Time Based Anti SPAM Protection

Time based anti SPAM protection relies on a custom HTTP header that needs to be sent with each form request. This package uses a directive and an HTTP interceptor to make this as convenient as possible. Simply add the action attribute to each form element that should be protected:

<form
  action="https://api.domain.tld/api/endpoint" 
  novalidate
  (ngSubmit)="onSubmit()"
>
    <!-- Form Controls … -->
</form>

Don't forget to protect the API endpoint using the form or form.token middleware. (Or using the @requireFormToken directive when you're calling a Lighthouse GraphQL API.)

Keywords

FAQs

Package last updated on 30 Dec 2022

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc