The no-code option is perfect for quickly adding Anubis to a form without having to write any server-side code to check the response once it's posted - essentially, Anubis does the server-side portion for you.
In case you're wondering, it's vital that there's a server-side element to the process, as if we rely on just the user's browser to complete the check, it can be easily ignored or spoofed.
For the sake of this example, we're going to pretend that you're adding Anubis to a contact form on your website, www.example.com. The page already contains the form, which starts with a tag that looks like this:
<form action="contact.php" method="post"> Our aim is to redirect that form action to Anubis, having already told it where to send the data back to.
So - first, within your instance, you'll find no-code redirects, with a button to add a new one. Click it to add a new redirect, and you'll be faced with a dialog box containing the following:
| a name for your use | This is entirely for your use - if you have multiple redirects it'll help you keep track of which one is which. |
| the URL to post your form to | This is not an editable field - but the information contained in it is important in a moment. It's the new URL to paste into the action attribute of your form. |
| success URL | This is the URL you ultimately want the user to be sent to with their data if they successfully complete the challenge. It must be a full URL; in our example, https://example.com/contact.php. |
| failure URL | This is the URL the user will be sent to if they fail the challenge. It's rare that anyone will ever see this, as Anubis will stop the form being posted if the user fails, but bots could end up here. This must also be a full URL. |
| callback URL | This is an entirely optional (full URL) field. The idea here is that you may not want the data the user entered to be sent to their final destination with them - if you'd like the data sent to a different destination than the user, enter the full URL for the destination here. |
This no-code option is inherently less secure than server-side validation, but it is the easiest for anyone not writing their own server-side code. Using the callback URL solves this problem.
Once you've saved your new redirect, it's time to alter the form on your website. Whereas before we had...
<form action="contact.php" method="post"> ...we're going to alter its action to send the user to our no-code redirect, using the link shown in the URL to post your form to:
<form action="https://anubis.zehuti.com/nocode/big-long-string-of-letters-and-numbers" method="post"> It's as simple as that! One tip here on callback URLs - in our example of the contact form, you could make the callback point to the original contact.php page, and create a new 'thanks' page to let the user know their form was received. This is risky, though, if your form doesn't have validation (ie lets the user know about mistakes before the form is ever submitted) - an incorrectly filled-out form would be sent, and the user may never see an error message!
Anubis' no-code option will only handle data up to 16kB (16,384 bytes) in length - it's great for short forms, but cannot be used for more complicated operations (such as image uploads, etc). For reference, that's about four times the length of this page.