Spammers bypassing field validation

2 years ago
17 March 2022
1 reply
38 views

lisaross
0 replies

I added a new field validation to only accept business email addresses. The script is fairly simple and I tested and it works.

Here is the script

<script>
  window.ub.form.customValidators.nonWebmailEmail = {
    isValid: function(value) {
      return /\@(?!(me|mac|icloud|gmail|googlemail|hotmail|live|msn|outlook|yahoo|ymail|aol)\.)/.test(value.toLowerCase());
    },
    message: 'Please enter your business email address',
  };
</script>
<script>
window.module.lp.form.data.validationRules['email'].nonWebmailEmail = true;
</script>

Yes, somehow, every now and then, I get an email from someone using gmail.com. How are these guys able to bypass the script?

1 reply

Hi @lisaross I just tested your code in one of our UnBounce LP and I must say it just works as expected if a human is interacting with your webform, maybe a bot is sending emails using the header concatenating your keys and values and bypassing your validations in JS, another reason should be that the user is blocking your javascript using an extension in the browser, but see carefully in the leads you’re receiving to double check what’s happening.

BTW, this is the code that I tested, you only need one tag, have a great day!

<script>
  window.ub.form.customValidators.nonWebmailEmail = {
    isValid: function(value) {
      return /\@(?!(me|mac|icloud|gmail|googlemail|hotmail|live|msn|outlook|yahoo|ymail|aol)\.)/.test(value.toLowerCase());
    },
    message: 'Please enter your business email address',
  };
  window.module.lp.form.data.validationRules['email'].nonWebmailEmail = true;
</script>

Reply

Sign up

Log in to the Unbounce Community

Scanning file for viruses.

This file cannot be downloaded