Skip to content

AO3-7271 Add cloudflare bot score and fingerprints to akismet comment spam checks #5567

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
omerfaruk-pseud wants to merge 7 commits into
base: master
Choose a base branch
from
+75 −0
Open

AO3-7271 Add cloudflare bot score and fingerprints to akismet comment spam checks #5567

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
ec4c897
AO3-7271 take cf data from header to model then akismet
Jan 22, 2026
d13eb55
AO3-7271 add cf data only when it exists
Jan 30, 2026
7735340
Merge branch 'master' into AO3-7271
Jan 30, 2026
21b95b5
AO3-7271 use double quotes, rubocop
Jan 30, 2026
b5c9815
AO3-7271 add tests
Feb 2, 2026
58b90c1
AO3-7271 add and remove some whitespaces
Feb 2, 2026
49be74b
Merge branch 'master' into AO3-7271
Feb 2, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions app/controllers/comments_controller.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -391,6 +391,9 @@ def create
@comment = Comment.new(comment_params)
@comment.ip_address = request.remote_ip
@comment.user_agent = request.env["HTTP_USER_AGENT"]&.to(499)
@comment.cloudflare_bot_score = request.env["HTTP_CF_BOT_SCORE"]
@comment.cloudflare_ja3_hash = request.env["HTTP_CF_JA3_HASH"]
@comment.cloudflare_ja4 = request.env["HTTP_CF_JA4"]
@comment.commentable = Comment.commentable_object(@commentable)
@controller_name = params[:controller_name]

Expand Down
6 changes: 6 additions & 0 deletions app/models/comment.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,8 @@ class Comment < ApplicationRecord

delegate :user, to: :pseud, allow_nil: true

attr_accessor :cloudflare_bot_score, :cloudflare_ja3_hash, :cloudflare_ja4

# Whether the writer of the comment this is replying to allows guest replies
validate :guest_can_reply, if: :reply_comment?, unless: :pseud_id, on: :create
def guest_can_reply
Expand Down Expand Up @@ -138,6 +140,10 @@ def akismet_attributes
comment_post_modified_gmt: comment_post_modified_gmt
}

attributes[:cloudflare_bot_score] = cloudflare_bot_score if cloudflare_bot_score
attributes[:cloudflare_ja3_hash] = cloudflare_ja3_hash if cloudflare_ja3_hash
attributes[:cloudflare_ja4] = cloudflare_ja4 if cloudflare_ja4

attributes[:recheck_reason] = "edit" if will_save_change_to_edited_at? && will_save_change_to_comment_content?

attributes
Expand Down
26 changes: 26 additions & 0 deletions spec/controllers/comments/default_rails_actions_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -661,6 +661,32 @@
end
end
end

context "when cloudflare headers are available" do
let!(:comment) { create(:comment) }
before { fake_login }

it "sets the bot score" do
request.env["HTTP_CF_BOT_SCORE"] = "42"
expect_any_instance_of(Comment).to receive(:cloudflare_bot_score=).with("42")

post :create, params: { comment_id: comment.id, comment: anon_comment_attributes }
end

it "sets the ja3 hash" do
request.env["HTTP_CF_JA3_HASH"] = "a_hash"
expect_any_instance_of(Comment).to receive(:cloudflare_ja3_hash=).with("a_hash")

post :create, params: { comment_id: comment.id, comment: anon_comment_attributes }
end

it "sets the ja3 hash" do
request.env["HTTP_CF_JA4"] = "another_hash"
expect_any_instance_of(Comment).to receive(:cloudflare_ja4=).with("another_hash")

post :create, params: { comment_id: comment.id, comment: anon_comment_attributes }
end
end
end

describe "DELETE #destroy" do
Expand Down
40 changes: 40 additions & 0 deletions spec/models/comment_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -355,6 +355,46 @@ def queue_adapter_for_test
end
end
end

context "when cloudflare headers are available" do
before do
subject.cloudflare_bot_score = "42"
subject.cloudflare_ja3_hash = "a_hash"
subject.cloudflare_ja4 = "another_hash"
end

it "has cloudflare bot score" do
expect(subject.akismet_attributes[:cloudflare_bot_score]).to eq("42")
end

it "has cloudflare ja3 hash" do
expect(subject.akismet_attributes[:cloudflare_ja3_hash]).to eq("a_hash")
end

it "has cloudflare ja4" do
expect(subject.akismet_attributes[:cloudflare_ja4]).to eq("another_hash")
end
end

context "when cloudflare headers aren't available" do
before do
subject.cloudflare_bot_score = nil
subject.cloudflare_ja3_hash = nil
subject.cloudflare_ja4 = nil
end

it "doesn't have cloudflare bot score" do
expect(subject.akismet_attributes).not_to have_key(:cloudflare_bot_score)
end

it "doesn't have cloudflare ja3 hash" do
expect(subject.akismet_attributes).not_to have_key(:cloudflare_ja3_hash)
end

it "doesn't have cloudflare ja4" do
expect(subject.akismet_attributes).not_to have_key(:cloudflare_ja4)
end
end
end
end

Expand Down
Loading