dries arnolds → created an issue.
I have the same issue with the combination of Gin and Media Library Edit, since the upgrade to 3.11
Changing the Twig template also fixes it for me. Does this have anything to do with the new sticky buttons functionality destined for 4.x?
I do have some spam signups again, so it might already be going on. Not many, but they are the typical spam signups where the name and e-mail share no relation (Name field does not match e-mail field) and they are all US based addresses and the list is of a Dutch language magazine.
The settings are default Simple settings, with CDN domain filled in. I also tried the scheme relative setting, but it makes no difference.
Dries Arnolds → created an issue.
No that was it. Thank you for your quick answer.
Dries Arnolds → created an issue.
Is there a reason that we can't just change the icon ourselves through the Embed Buttons configuration at /admin/config/content/embed?
I mean, I can change it there, but nothing happens. Not even after rigorous cache clearing...
Dries Arnolds → created an issue.
@trebormc, I resolved it by running the update again. Thanks for your help.
I did clear cache a couple of times. But i guess the update didn't go well. I should've suspected as much since this was the only site with a problem.
A couple of users have reported getting a "Submission failed. Please reload the page, ensure JavaScript is enabled and try again" error. I have confirmed that javascript is on for them. Is there any error in the key scrambling or other logic that was introduced in the patch?
edit: I have now tested myself on one site and also get that message when filling out any form that is protected (login/webform). I have javascript on and tested incognito without any extensions.
I tried both the patch and the updated module.
I'll add my 2 cents: Installed on two sites on friday (the ones with the most spam). They received no more spam since then. The other sites that run antibot still received a lot of spam. Also legitimate submissions still arrived (test and real-world).
The solution from #57 still works fine on Drupal 10.2. Is there any reason not to (reroll and) commit this?
Some more details that might be useful:
- my forms are not visible on a dedicated link (only added to a page through a reference field)
- most sites are running the latest version of Drupal, Antibot and Webform (although the problem occurred on a D9 site as well)
- all sites have recent versions of PHP/MySQL
Same here. Registrations, Webforms etc are defeated regularly.
I also tried adding the Honeypot module ( https://www.drupal.org/project/honeypot → ) into the mix, but that didn't make much of a difference. I really hate captcha modules, so I hope we can find out how they do it and come up with a solution.
The patch in #20 works fine. Can we get this committed?
I ran into this and the patch solved the problem for me.
Dries Arnolds → created an issue. See original summary → .
I updated to RC5 and it doesn't happen to me anymore.
I ran into this as well and the patch in #57 fixed it. I'm on Drupal 9.5.8.
Dries Arnolds → created an issue.
I have the same issue with a generated subtheme (so not Pixture). I have no specific node access or term access modules installed.
It would be nice to get this committed. I tested the patch and the error disappears. All functionality seems to work like expected.
At first I liked the idea of Shy One-Time, and it worked for a while.
But then I had a project with almost exclusively business vistors and some people who still couldn't log in. I know some had custom domains for security checks. Those were not in the CrawlerDetect library that Shy ONe-Time uses.
I think Nicholas' solution is the way to go. I tested the patch and it works like a charm. Only issue I had is that the Login button was labeled as Reset.
This is also very important to my use cases, where people tend to mix use of desktop and mobile...