SpamFilter (Apache JSPWiki Main War 2.10.1 API)

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.apache.wiki.filters
Class SpamFilter

java.lang.Object
  org.apache.wiki.api.filters.BasicPageFilter
      org.apache.wiki.filters.SpamFilter

All Implemented Interfaces:: PageFilter

public class SpamFilter
extends BasicPageFilter
extends BasicPageFilter

This is Herb, the JSPWiki spamfilter that can also do choke modifications. Parameters:

wordlist - Page name where the regexps are found. Use [{SET spamwords='regexp list separated with spaces'}] on that page. Default is "SpamFilterWordList".
blacklist - The name of an attachment containing the list of spam patterns, one per line. Default is "SpamFilterWordList/blacklist.txt"
errorpage - The page to which the user is redirected. Has a special variable $msg which states the reason. Default is "RejectedMessage".
pagechangesinminute - How many page changes are allowed/minute. Default is 5.
similarchanges - How many similar page changes are allowed before the host is banned. Default is 2. (since 2.4.72)
bantime - How long an IP address stays on the temporary ban list (default is 60 for 60 minutes).
maxurls - How many URLs can be added to the page before it is considered spam (default is 5)
akismet-apikey - The Akismet API key (see akismet.org)
ignoreauthenticated - If set to "true", all authenticated users are ignored and never caught in SpamFilter
captcha - Sets the captcha technology to use. Current allowed values are "none" and "asirra".
strategy - Sets the filtering strategy to use. If set to "eager", will stop at the first probable match, and won't consider any other tests. This is the default, as it's considerably lighter. If set to "score", will go through all of the tests and calculates a score for the spam, which is then compared to a filter level value.

Please see the default editors/plain.jsp for examples on how the SpamFilter integrates with the editor system.

Changes by admin users are ignored in any case.

Since:: 2.1.112

Field Summary
`static String`	`PROP_AKISMET_API_KEY` The filter property name for specifying the Akismet API-key.
`static String`	`PROP_BANTIME` The filter property name for specifying how long a host is banned.
`static String`	`PROP_BLACKLIST` The filter property name for the attachment containing the blacklist.
`static String`	`PROP_CAPTCHA` The filter property name for specifying which captcha technology should be used.
`static String`	`PROP_ERRORPAGE` The filter property name for the page to which you are directed if Herb rejects your edit.
`static String`	`PROP_FILTERSTRATEGY` The filter property name for specifying which filter strategy should be used.
`static String`	`PROP_IGNORE_AUTHENTICATED` The filter property name for specifying whether authenticated users should be ignored.
`static String`	`PROP_MAXURLS` The filter property name for specifying how many URLs can any given edit contain.
`static String`	`PROP_PAGECHANGES` The filter property name for specifying how many changes is any given IP address allowed to do per minute.
`static String`	`PROP_SIMILARCHANGES` The filter property name for specifying how many similar changes are allowed before a host is banned.
`static String`	`PROP_WORDLIST` The filter property name for specifying the page which contains the list of spamwords.
`static String`	`STRATEGY_EAGER` The string specifying the "eager" strategy.
`static String`	`STRATEGY_SCORE` The string specifying the "score" strategy.

Fields inherited from class org.apache.wiki.api.filters.BasicPageFilter
`m_engine`

Constructor Summary
`SpamFilter()`

Method Summary
`static boolean`	`checkHash(WikiContext context, javax.servlet.jsp.PageContext pageContext)` This method checks if the hash value is still valid, i.e. if it exists at all.
`static String`	`getBotFieldName()` Returns a static string which can be used to detect spambots which just wildly fill in all the fields.
`static String`	`getHashFieldName(javax.servlet.http.HttpServletRequest request)` Returns the name of the hash field to be used in this request.
`static String`	`getSpamHash(WikiPage page, javax.servlet.http.HttpServletRequest request)` This method is used to calculate an unique code when submitting the page to detect edit conflicts.
`void`	`initialize(WikiEngine engine, Properties properties)` If you override this, you should call super.initialize() first.
`static String`	`insertInputFields(javax.servlet.jsp.PageContext pageContext)` This helper method adds all the input fields to your editor that the SpamFilter requires to check for spam.
`boolean`	`isValidUserProfile(WikiContext context, UserProfile profile)` Checks whether the UserProfile matches certain checks.
`String`	`preSave(WikiContext context, String content)` This method is called before the page has been saved to the PageProvider.

Methods inherited from class org.apache.wiki.api.filters.BasicPageFilter
`destroy, postSave, postTranslate, preTranslate`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

PROP_WORDLIST

public static final String PROP_WORDLIST

The filter property name for specifying the page which contains the list of spamwords. Value is "wordlist".

See Also:: Constant Field Values

PROP_ERRORPAGE

public static final String PROP_ERRORPAGE

The filter property name for the page to which you are directed if Herb rejects your edit. Value is "errorpage".

See Also:: Constant Field Values

PROP_PAGECHANGES

public static final String PROP_PAGECHANGES

The filter property name for specifying how many changes is any given IP address allowed to do per minute. Value is "pagechangesinminute".

See Also:: Constant Field Values

PROP_SIMILARCHANGES

public static final String PROP_SIMILARCHANGES

The filter property name for specifying how many similar changes are allowed before a host is banned. Value is "similarchanges".

See Also:: Constant Field Values

PROP_BANTIME

public static final String PROP_BANTIME

The filter property name for specifying how long a host is banned. Value is "bantime".

See Also:: Constant Field Values

PROP_BLACKLIST

public static final String PROP_BLACKLIST

The filter property name for the attachment containing the blacklist. Value is "blacklist".

See Also:: Constant Field Values

PROP_MAXURLS

public static final String PROP_MAXURLS

The filter property name for specifying how many URLs can any given edit contain. Value is "maxurls"

See Also:: Constant Field Values

PROP_AKISMET_API_KEY

public static final String PROP_AKISMET_API_KEY

The filter property name for specifying the Akismet API-key. Value is "akismet-apikey".

See Also:: Constant Field Values

PROP_IGNORE_AUTHENTICATED

public static final String PROP_IGNORE_AUTHENTICATED

The filter property name for specifying whether authenticated users should be ignored. Value is "ignoreauthenticated".

See Also:: Constant Field Values

PROP_CAPTCHA

public static final String PROP_CAPTCHA

The filter property name for specifying which captcha technology should be used. Value is "captcha".

See Also:: Constant Field Values

PROP_FILTERSTRATEGY

public static final String PROP_FILTERSTRATEGY

The filter property name for specifying which filter strategy should be used. Value is "strategy".

See Also:: Constant Field Values

STRATEGY_EAGER

public static final String STRATEGY_EAGER

The string specifying the "eager" strategy. Value is "eager".

See Also:: Constant Field Values

STRATEGY_SCORE

public static final String STRATEGY_SCORE

The string specifying the "score" strategy. Value is "score".

See Also:: Constant Field Values

Constructor Detail

SpamFilter

public SpamFilter()

Method Detail

initialize

public void initialize(WikiEngine engine,
                       Properties properties)

If you override this, you should call super.initialize() first. Is called whenever the a new PageFilter is instantiated and reset.

Specified by:: initialize in interface PageFilter
Overrides:: initialize in class BasicPageFilter

Parameters:: engine - The WikiEngine whic owns this PageFilter; properties - The properties ripped from filters.xml.

preSave

public String preSave(WikiContext context,
                      String content)
               throws RedirectException

This method is called before the page has been saved to the PageProvider.

Specified by:: preSave in interface PageFilter
Overrides:: preSave in class BasicPageFilter

Parameters:: context - The WikiContext; content - The wikimarkup that the user just wanted to save.
Returns:: The modified wikimarkup
Throws:: RedirectException

getBotFieldName

public static String getBotFieldName()

Returns a static string which can be used to detect spambots which just wildly fill in all the fields.

Returns:: A string

isValidUserProfile

public boolean isValidUserProfile(WikiContext context,
                                  UserProfile profile)

Checks whether the UserProfile matches certain checks.

Parameters:: profile - The profile to check; context - The WikiContext
Returns:: False, if this userprofile is suspect and should not be allowed to be added.
Since:: 2.6.1

getSpamHash

public static final String getSpamHash(WikiPage page,
                                       javax.servlet.http.HttpServletRequest request)

This method is used to calculate an unique code when submitting the page to detect edit conflicts. It currently incorporates the last-modified date of the page, and the IP address of the submitter.

Parameters:: page - The WikiPage under edit; request - The HTTP Request
Returns:: A hash value for this page and session
Since:: 2.6

getHashFieldName

public static final String getHashFieldName(javax.servlet.http.HttpServletRequest request)

Returns the name of the hash field to be used in this request. The value is unique per session, and once the session has expired, you cannot edit anymore.

Parameters:: request - The page request
Returns:: The name to be used in the hash field
Since:: 2.6

checkHash

public static final boolean checkHash(WikiContext context,
                                      javax.servlet.jsp.PageContext pageContext)
                               throws IOException

This method checks if the hash value is still valid, i.e. if it exists at all. This can occur in two cases: either this is a spam bot which is not adaptive, or it is someone who has been editing one page for too long, and their session has expired.

This method puts a redirect to the http response field to page "SessionExpired" and logs the incident in the spam log (it may or may not be spam, but it's rather likely that it is).

Parameters:: context - The WikiContext; pageContext - The JSP PageContext.
Returns:: True, if hash is okay. False, if hash is not okay, and you need to redirect.
Throws:: IOException - If redirection fails
Since:: 2.6

insertInputFields

public static final String insertInputFields(javax.servlet.jsp.PageContext pageContext)

This helper method adds all the input fields to your editor that the SpamFilter requires to check for spam. This must be in your editor form if you intend to use the SpamFilter.

Parameters:: pageContext - The PageContext
Returns:: A HTML string which contains input fields for the SpamFilter.