PrestashopModules/botlimiter
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix xhr request

Browse Source
This commit is contained in:
O K
2026-04-05 20:39:12 +03:00
parent 8fd0c00941
commit 811451bd1c
1 changed files with 17 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
classes/rules/FilterTrapRule.php
View File

@@ -12,9 +12,25 @@ class FilterTrapRule implements RuleInterface
if (!Tools::getIsset('q') && !Tools::getIsset('order')) { if (!Tools::getIsset('q') && !Tools::getIsset('order')) {
return true; return true;
} }
// 1. IGNORE AJAX REQUESTS
// Redirecting an AJAX request returns HTML (the verification page)
// to a JS listener expecting JSON, which breaks the UI.
// We assume bots will hit the main URL first before firing AJAX.
if (Tools::getIsset('from-xhr') ||Tools::getIsset('ajax') || Tools::getIsset('is_ajax')) {
return true;
}
$context = Context::getContext(); $context = Context::getContext();
// 3. CHECK FOR EXISTING SESSION (Likely Human)
// If they have a Customer ID or a Guest ID, they have interacted
// with the shop enough to establish a standard PrestaShop cookie.
if (isset($context->customer) && $context->customer->id) {
return true;
}
if (isset($context->cookie->id_guest) && $context->cookie->id_guest) {
// Optional: You could also check for items in cart to be even more sure
return true;
}
// 2. Allow whitelisted Bots (Google/Bing) // 2. Allow whitelisted Bots (Google/Bing)
// We trust them not to spam. If they do, use robots.txt. // We trust them not to spam. If they do, use robots.txt.