diff --git a/app/views/admin/submissions/show.html.erb b/app/views/admin/submissions/show.html.erb
index 95f37dff4..a0130dd7e 100644
--- a/app/views/admin/submissions/show.html.erb
+++ b/app/views/admin/submissions/show.html.erb
@@ -126,6 +126,11 @@
|
Location code
+
+
+
|
<%= h(@submission.location_code) %>
@@ -139,6 +144,14 @@
<%= h(@submission.user_agent) %>
|
+
+ |
+ IP Address
+ |
+
+ <%= h(@submission.ip_address) %>
+ |
+
|
Submitted from hostname
@@ -168,7 +181,7 @@
Referer
|
- <%= sanitize(@submission.referer) %>
+ <%= h(@submission.referer) %>
|
@@ -176,7 +189,7 @@
Language
|
- <%= @submission.language %>
+ <%= h(@submission.language) %>
|
diff --git a/app/views/components/widget/_fba.js.erb b/app/views/components/widget/_fba.js.erb
index 35e3ee987..8c9f2dde5 100644
--- a/app/views/components/widget/_fba.js.erb
+++ b/app/views/components/widget/_fba.js.erb
@@ -10,6 +10,9 @@ function FBAform(d, N) {
formElement: function() {
return this.formComponent().querySelector("form");
},
+ formLocalStorageKey: function() {
+ return `touchpoints:${this.options.formId}`
+ },
isFormSubmitted: false, // defaults to false
// enable Javascript experience
javascriptIsEnabled: function() {
@@ -38,9 +41,10 @@ function FBAform(d, N) {
if (this.options.formSpecificScript) {
this.options.formSpecificScript();
}
- <% if form.enable_turnstile? %>
- this.loadTurnstile()
+ <%- if form.enable_turnstile? %>
+ this.loadTurnstile();
<% end %>
+ this.enableLocalStorage();
d.dispatchEvent(new CustomEvent('onTouchpointsFormLoaded', {
detail: {
formComponent: this
@@ -433,6 +437,7 @@ function FBAform(d, N) {
if (formElement) {
// And clear the Form's Fields
formElement.reset();
+ localStorage.removeItem(this.formLocalStorageKey());
if (formElement.querySelector('.touchpoints-form-body')) {
var formBody = formElement.querySelector('.touchpoints-form-body');
if(formBody) {
@@ -555,7 +560,7 @@ function FBAform(d, N) {
xhr.setRequestHeader("Content-Type", "application/json; charset=UTF-8;");
xhr.onload = callback.bind(this);
xhr.send(JSON.stringify({
- <% if form.enable_turnstile? %>
+ <%- if form.enable_turnstile? %>
"cf-turnstile-response" : form.querySelector("input[name='cf-turnstile-response']") ? form.querySelector("input[name='cf-turnstile-response']").value : null,
<% end %>
"submission": params,
@@ -645,23 +650,46 @@ function FBAform(d, N) {
modalId: function() {
return `fba-modal-${this.options.formId}`;
},
- <% if form.enable_turnstile? %>
+ <%- if form.enable_turnstile? %>
loadTurnstile: function() {
let script = document.createElement("script");
script.src = "https://challenges.cloudflare.com/turnstile/v0/api.js";
script.async = true;
script.defer = true;
- script.onload = function() {
- document.querySelector("input[name='cf-turnstile-response']").value = token;
- };
document.head.appendChild(script);
},
<% end %>
+ enableLocalStorage: function() {
+ const form = this.formElement();
+ const savedData = localStorage.getItem(this.formLocalStorageKey());
+
+ <%# Restore form data from localStorage %>
+ if (savedData) {
+ const formData = JSON.parse(savedData);
+ for (const key in formData) {
+ const input = form.querySelector(`[name="${key}"]`);
+ if (input) {
+ input.value = formData[key];
+ }
+ }
+ }
+
+ <%# Save data to localStorage as the user types %>
+ form.addEventListener('input', (event) => {
+ const inputData = {};
+ const formData = new FormData(form);
+ formData.forEach((value, key) => {
+ inputData[key] = value;
+ });
+
+ localStorage.setItem(this.formLocalStorageKey(), JSON.stringify(inputData));
+ });
+ },
};
};
// Specify the options for your form
-const touchpointFormOptions<%= form.short_uuid %> = {
+var touchpointFormOptions<%= form.short_uuid %> = {
'formId': "<%= form.short_uuid %>",
'modalButtonText': "<%= form.modal_button_text %>",
'elementSelector': "<%= form.element_selector %>",
@@ -703,10 +731,10 @@ const touchpointFormOptions<%= form.short_uuid %> = {
}
// Create an instance of a Touchpoints form object
-const touchpointForm<%= form.short_uuid %> = new FBAform(document, window).init(touchpointFormOptions<%= form.short_uuid %>);
+window.touchpointForm<%= form.short_uuid %> = new FBAform(document, window);
+window.touchpointForm<%= form.short_uuid %>.init(touchpointFormOptions<%= form.short_uuid %>);
<%- if form.load_css && form.delivery_method != "touchpoints-hosted-only" %>
-
// Load the USWDS JS, loads as module 'fbaUswds' in global scope
<%= render partial: 'components/widget/widget-uswds', formats: :js %>
@@ -724,5 +752,4 @@ const touchpointForm<%= form.short_uuid %> = new FBAform(document, window).init(
fbaUswds.Modal.on(fbaModalElement);
}
})();
-
<% end %>
\ No newline at end of file
diff --git a/db/migrate/20250402195517_submission_spam_prevention_mechanism.rb b/db/migrate/20250402195517_submission_spam_prevention_mechanism.rb
new file mode 100644
index 000000000..23986155e
--- /dev/null
+++ b/db/migrate/20250402195517_submission_spam_prevention_mechanism.rb
@@ -0,0 +1,5 @@
+class SubmissionSpamPreventionMechanism < ActiveRecord::Migration[8.0]
+ def change
+ add_column :submissions, :spam_prevention_mechanism, :string, default: "", comment: "Specify which spam prevention mechanism was used, if any."
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 35f2e180f..1ca396e5a 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
#
# It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema[8.0].define(version: 2025_04_01_223209) do
+ActiveRecord::Schema[8.0].define(version: 2025_04_02_195517) do
# These are extensions that must be enabled in order to support this database
enable_extension "pg_catalog.plpgsql"
@@ -613,6 +613,7 @@
t.boolean "deleted", default: false
t.datetime "deleted_at"
t.string "preview", default: ""
+ t.string "spam_prevention_mechanism", default: "", comment: "Specify which spam prevention mechanism was used, if any."
t.index ["archived"], name: "index_submissions_on_archived"
t.index ["created_at"], name: "index_submissions_on_created_at"
t.index ["flagged"], name: "index_submissions_on_flagged"
diff --git a/spec/features/touchpoints_spec.rb b/spec/features/touchpoints_spec.rb
index dd4938f5c..4ee85b3a4 100644
--- a/spec/features/touchpoints_spec.rb
+++ b/spec/features/touchpoints_spec.rb
@@ -20,6 +20,27 @@
expect(page).to be_axe_clean
end
+ describe 'persist text responses in localStorage' do
+ let(:two_question_form) { FactoryBot.create(:form, :two_question_open_ended_form, organization:) }
+
+ before do
+ visit touchpoint_path(two_question_form)
+ fill_in(two_question_form.ordered_questions.first.ui_selector, with: 'Question one')
+ fill_in(two_question_form.ordered_questions.last.ui_selector, with: 'Question two')
+ visit touchpoint_path(two_question_form)
+ end
+
+ it "enters text, refreshes to ensure it still there, submits, and ensures it has been cleared" do
+ expect(find("#" + two_question_form.ordered_questions.first.ui_selector).value).to eq('Question one')
+ expect(find("#" + two_question_form.ordered_questions.last.ui_selector).value).to eq('Question two')
+ click_button 'Submit'
+ expect(page).to have_content('Thank you. Your feedback has been received.')
+ visit touchpoint_path(two_question_form)
+ expect(find("#" + two_question_form.ordered_questions.first.ui_selector).value).to be_blank
+ expect(find("#" + two_question_form.ordered_questions.last.ui_selector).value).to be_blank
+ end
+ end
+
context 'default success text' do
before do
visit touchpoint_path(form)