Input Filters / Spam link deterrent Does Not Add NoFollow to URL Filter Created Links
| Project: | Drupal |
| Version: | 6.x-dev |
| Component: | comment.module |
| Category: | bug report |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | active |
This is my first issue submission, so please excuse me if I am not spot on on how it is submitted or the info that is needed.
Links created by the URL Filter are not having the nofollow attribute added when the Spam link deterrent feature is turned on in the input filter.
The most secure setup for comment input filters from spam is to turn off all html, including the href tag. Then just have Drupal create links from the URLs. When this is done, the order in which filters are applied has to be HTML Filter -> URL Filter. If it is the other way around, then the HTML filter will strip the link the URL Filter created. So now the HTML Filter never gets to add the nofollow because it is added first.
The URL Filter logic needs a nofollow link added independently of the HTML filter for these cases.
I am not sure how this works in 7.x, so this logic may also need to be done there.
#1
JeremyL,
I was looking for the similar solution as a part of the comment spam protection too.
After spending a few hours here, I ended up with making a very small and simple module by myself which adds rel="nofollow" to all anchor tags used in any comments. It seems to be working OK for me.
Besides, if the anchor already has rel="XXXXX" (e.g: rel="lightbox2"), this module skip the anchor.
BTW, I have replied to your other posts http://drupal.org/node/450792 too and find this post later.