Recently I put a website online with a quip guestbook and articles with quip integration. Past few days I got some spam on the guestbook (5 messages in a few days). So I checked why those were getting through the anti-spam, thinking a hidden field with the name 'nospam' might be to obvious. But I thought of checking if it actually worked, so I used Firebug to set a value for nospam and posted a message. I was baffled when the comment was actually posted.
So I checked the documentation, to see if maybe I set it up wrong, but there isn't really anything to setup about the anti spam method with an empty field. So I dug into the code and found the handlePost function in core/component/quip/controllers/web/ThreadReply.php. There is actually no mention of 'nospam' in that file, nor do I believe it is anywhere else.
So I added the following line after the for each:
if (!empty($fields['nospam'])) return;
I know this will be deleted as soon as there will be an update, but is this a proper fix so long as it isn't fixed in quip itself?