Currently every field (label and value) lands in the default form submission email.
Doesn't matter if it's:
type: hidden
input_type: hidden
listable: hidden
visibility: hidden
hide_display: false
We're using a field with type: hidden for doing some turnstile spam protection, but the client receives then something like:
Cloudflare Turnstile Response: 0.PiYCjjqiZhCSotPBhhQcQbcoEyRH0tOmLbHT4zguCx2DkeAsnbJHKi7H42P_Z8-5jG62mZdWj-rF1wa7hnvGnRJbHcwODlZglX4nNhINbUb0yBfej31vW6sqpYFZRxN2Tnfw8SivPPYyJLuedcIAreJvScjztpwCJix0tdeYA2L_4euXx06HUzepy2fg95QfAofSe8qfLXDYgw1lMDbpT6PR8brVGkuvk7mdV6see2NmMdSxqvtUJgaEQ0k6a6i3SU8fLww_hY26QOCbhxTlcQ93yfWgiJxOGzKl9kQQLZHT0w7jsvmCU6xfUOQVUWAbjSaNifNxNq3GlFK0KzCC3hoO5m5FBxm7FVOcE7g_i0DUOb7tWNRaRBs1Yg37FnvECJDa-ILBSAycS9Z4HUV_C823JOeNetWXFV7Ii9BVs4fJmMEqf3F9h29lHMLX0MJR.Rlp-nIqvtHyIln4-vVToXg.4ef4a0fa7a4bd5d31dd758b82a4b697e5cb16d8e933af3affbc4fe42a1ea4c4e
I'm not even able to unset the field value in a listener and prevent the appearing, the clients still receives the label.
Also not adding it to the blueprint is not possible, because fields not existing in blueprints are ignored. (apart from the ones added by statamic, e.g. _token)
How to reproduce
Create a form
Add a field with type: hidden
Fill out form and submit it
Have a look on the form submission email
Logs
No response
Environment
Environment
Application Name: Statamic
Laravel Version: 11.10.0
PHP Version: 8.2.14
Composer Version: 2.7.6
Environment: local
Debug Mode: ENABLED
URL: statamic-fieldtype-hidden.test
Maintenance Mode: OFF
Cache
Config: NOT CACHED
Events: NOT CACHED
Routes: NOT CACHED
Views: CACHED
Drivers
Broadcasting: log
Cache: statamic
Database: sqlite
Logs: stack / single
Mail: smtp
Queue: sync
Session: file
Statamic
Addons: 0
Sites: 1
Stache Watcher: Enabled
Static Caching: Disabled
Version: 5.7.3 Solo
Bug description
Currently every field (label and value) lands in the default form submission email.
Doesn't matter if it's:
type: hidden
input_type: hidden
listable: hidden
visibility: hidden
hide_display: false
We're using a field with
type: hidden
for doing some turnstile spam protection, but the client receives then something like:Cloudflare Turnstile Response: 0.PiYCjjqiZhCSotPBhhQcQbcoEyRH0tOmLbHT4zguCx2DkeAsnbJHKi7H42P_Z8-5jG62mZdWj-rF1wa7hnvGnRJbHcwODlZglX4nNhINbUb0yBfej31vW6sqpYFZRxN2Tnfw8SivPPYyJLuedcIAreJvScjztpwCJix0tdeYA2L_4euXx06HUzepy2fg95QfAofSe8qfLXDYgw1lMDbpT6PR8brVGkuvk7mdV6see2NmMdSxqvtUJgaEQ0k6a6i3SU8fLww_hY26QOCbhxTlcQ93yfWgiJxOGzKl9kQQLZHT0w7jsvmCU6xfUOQVUWAbjSaNifNxNq3GlFK0KzCC3hoO5m5FBxm7FVOcE7g_i0DUOb7tWNRaRBs1Yg37FnvECJDa-ILBSAycS9Z4HUV_C823JOeNetWXFV7Ii9BVs4fJmMEqf3F9h29lHMLX0MJR.Rlp-nIqvtHyIln4-vVToXg.4ef4a0fa7a4bd5d31dd758b82a4b697e5cb16d8e933af3affbc4fe42a1ea4c4e
I'm not even able to unset the field value in a listener and prevent the appearing, the clients still receives the label.
Also not adding it to the blueprint is not possible, because fields not existing in blueprints are ignored. (apart from the ones added by statamic, e.g.
_token
)How to reproduce
type: hidden
Logs
No response
Environment
Installation
Fresh statamic/statamic site via CLI
Additional details
No response