Complete documentation for integrating with Button Solutions.
Ok so first off, let's talk integration.
We have a few levels of protection, and all are opt-in:
For newcomers, we suggest first observing traffic for a bit, and then enabling protection.
Integration with the client side is as easy as adding this line to your header (first script loaded):
<html>
<head>
<script src="https://script.button.solutions/hi" defer async></script>
<!-- ... -->
</html>Hide the twirling space button:
<script src="https://script.button.solutions/hi?invisible=true" defer async></script>Enable waf-style redirection to main page when the button cookie is missing:
<script src="https://script.button.solutions/hi?mode=redirect" defer async></script>We replace recaptcha / turnstile-style verification with a silent option.
<form>
<!-- ... -->
<div class="button-solutions-captcha"></div>
<!-- ... -->
</form>Endpoint:
POST https://js.buttons.solutions/siteverifyRequest:
{
"sitekey": "[your site key]",
"response": "[response inserted into the \"button-solutions-captcha\" div]"
}Response:
{
"success": true,
"error": [error detail object],
"challenge": {
"timestamp": "[timestamp string]",
"origin": "[origin]"
}
}const submitUser = async () => {
try {
const buttonUser = document.querySelector('.button-solutions-captcha input[type="hidden"]')
const res = await fetch(`${apiUrl}/signup`, {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
fullname: form.fullname,
email: form.email,
password: form.password,
passwordConfirmation: form.passwordConfirmation,
button: buttonUser.value,
})
});
} catch (e) {
// ...
}
}Protection flow overview:
sequenceDiagram
participant unprotected.com [server]
participant unprotected.com [client]
participant script.button.solutions
unprotected.com [server]->>unprotected.com [client]: [normal webpage rendering]
unprotected.com [client]->>script.button.solutions: GET /hi
script.button.solutions-->>unprotected.com [client]: [dynamic script load]
unprotected.com [client]-->>unprotected.com [client]: [make button cookie and talk with script]
unprotected.com [client]->>unprotected.com [server]: [add button cookie]
unprotected.com [server]->>script.button.solutions: POST /siteverify
script.button.solutions-->>unprotected.com [server]: [block decision]Coming soon: AdvancedRequestBot, AdvancedStealthBrowser, AiSeo, AuthenticatedTesting, PaidUser.
We recommend starting with traffic visibility, then moving to clickguard/blocking.
{
"analytics_tag": "[YOUR TAG HERE]"
}