Chrome’s Autofill and honeypot fields
Ai developers typically add a hidden “honeypot” field to forms to avoid spam bots. Spam bots usually fill out all of the fields on a form, including the honeypot field. When the honeypot field is filled out and the form is submitted, the form information is not captured.
While doing some cross-browser form testing for several sites I noticed that in the Chrome browser form information wasn’t always being captured.
Upon further investigation I learned that Chrome’s Autofill feature is causing this problem. Chrome’s Autofill fills out the honeypot field and makes the form think that it has been filled out by a spam bot. Since this may result in a significant amount of legitimate form submissions not reaching their intended target, it is important to test all forms with Chrome’s Autofill in mind. Developers need to provide a solution that successfully curbs malicious spam bots without preventing legitimate form submissions.
