bot-away 1.1.0 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (25) hide show
  1. data/.gitignore +7 -0
  2. data/History.txt +12 -2
  3. data/LICENSE +20 -0
  4. data/README.rdoc +124 -67
  5. data/Rakefile +57 -0
  6. data/VERSION +1 -0
  7. data/bot-away.gemspec +96 -0
  8. data/lib/bot-away.rb +67 -7
  9. data/lib/bot-away/action_dispatch/request.rb +20 -0
  10. data/lib/bot-away/action_view/helpers/instance_tag.rb +13 -4
  11. data/lib/bot-away/param_parser.rb +25 -12
  12. data/lib/bot-away/spinner.rb +0 -2
  13. data/spec/controllers/test_controller_spec.rb +82 -35
  14. data/spec/rspec_version.rb +19 -0
  15. data/spec/spec_helper.rb +103 -2
  16. data/spec/support/obfuscation_helper.rb +102 -47
  17. data/spec/support/rails/mock_logger.rb +21 -0
  18. data/spec/support/test_controller.rb +28 -0
  19. data/spec/{lib → views/lib}/action_view/helpers/instance_tag_spec.rb +28 -22
  20. data/spec/views/lib/disabled_for_spec.rb +101 -0
  21. data/spec/{lib/builder_spec.rb → views/lib/form_builder_spec.rb} +5 -12
  22. data/spec/{lib → views/lib}/param_parser_spec.rb +10 -4
  23. metadata +66 -32
  24. data/lib/bot-away/action_controller/request.rb +0 -19
  25. data/spec/support/controllers/test_controller.rb +0 -18
data/spec/{lib/builder_spec.rb → views/lib/form_builder_spec.rb} RENAMED
@@ -1,13 +1,5 @@
1
- ###
2
- # The original implementation of BotAway extended ActionView::Helpers::FormBuilder, and these tests were written
3
- # for it. This approach has since been abandoned in favor of a direct override of ActionView::Helpers::InstanceTag for
4
- # reasons of efficiency. The FormBuilder tests have been kept around simply for an extra layer of functional testing.
5
- ###
6
-
7
1
  require 'spec_helper'
8
2
 
9
- class MockObject; attr_accessor :method_name; def initialize; @method_name = 'method_value'; end; end
10
-
11
3
  describe ActionView::Helpers::FormBuilder do
12
4
  subject { builder }
13
5
 
@@ -26,7 +18,7 @@ describe ActionView::Helpers::FormBuilder do
26
18
 
27
19
  it "should not obfuscate names that have been explicitly ignored" do
28
20
  BotAway.accepts_unfiltered_params 'method_name'
29
- builder.text_field('method_name').should_not match(/name="a0844d45bf150668ff1d86a6eb491969/)
21
+ builder.text_field('method_name').should_not match(/name="#{obfuscated_name}/)
30
22
  BotAway.unfiltered_params.delete 'method_name'
31
23
  end
32
24
 
@@ -39,7 +31,7 @@ describe ActionView::Helpers::FormBuilder do
39
31
  #grouped_collection_select(method, collection, group_method, group_label_method, option_key_method,
40
32
  # option_value_method, options = {}, html_options = {})
41
33
  obfuscates(:grouped_collection_select) do
42
- builder.grouped_collection_select method_name, [MockObject.new], :method_name, :method_name, :to_s, :to_s
34
+ builder.grouped_collection_select method_name, [MockObject.new], object_name, method_name, method_name, :to_s
43
35
  end
44
36
 
45
37
  #time_zone_select(method, priority_zones = nil, options = {}, html_options = {})
@@ -51,13 +43,14 @@ describe ActionView::Helpers::FormBuilder do
51
43
  obfuscates(field) { builder.send(field, method_name) }
52
44
  end
53
45
 
54
- obfuscates(:radio_button, '53640013be550817d040597218884288') { builder.radio_button method_name, :value }
46
+ obfuscates(:radio_button, RAILS_VERSION >= "3.0" ? "767c870add970ab6d64803043c4ccfbb" :
47
+ "53640013be550817d040597218884288") { builder.radio_button method_name, :value }
55
48
 
56
49
  context "#label" do
57
50
  subject { dump { builder.label(method_name) } }
58
51
 
59
52
  it "links labels to their obfuscated elements" do
60
- subject.should match(/for=\"e21372563297c728093bf74c3cb6b96c\"/)
53
+ subject.should match(/for=\"#{obfuscated_id}\"/)
61
54
  end
62
55
  end
63
56
  end
data/spec/{lib → views/lib}/param_parser_spec.rb RENAMED
@@ -1,3 +1,5 @@
1
+ require 'spec_helper'
2
+
1
3
  describe BotAway::ParamParser do
2
4
  def params(honeypots)
3
5
  @params = { 'authenticity_token' => '1234',
@@ -13,7 +15,11 @@ describe BotAway::ParamParser do
13
15
  @params = params('test' => { 'name' => '', 'posts' => [] })
14
16
  end
15
17
 
16
- subject { r = BotAway::ParamParser.new(@ip, @params); puts r.params.to_yaml; r }
18
+ subject { dump { BotAway::ParamParser.new(@ip, @params) } }
19
+
20
+ it "should default BotAway.dump_params => false" do
21
+ (!!BotAway.dump_params).should == false
22
+ end
17
23
 
18
24
  context "with dump_params == true" do
19
25
  before(:each) { BotAway.dump_params = true }
@@ -21,7 +27,7 @@ describe BotAway::ParamParser do
21
27
 
22
28
  it "should dump params as debug to Rails logger" do
23
29
  @params = { 'test' => "hello", :posts => [1] }
24
- Rails.logger.should_receive(:debug).with(@params.inspect)
30
+ Rails.logger.should_receive(:debug).exactly(3).times #with(@params.inspect)
25
31
  subject
26
32
  end
27
33
  end
@@ -48,7 +54,7 @@ describe BotAway::ParamParser do
48
54
 
49
55
  context "with a filled honeypot" do
50
56
  before(:each) { @params = params({'test' => {'name' => 'colin', 'posts' => []}}) }
51
- subject { r = BotAway::ParamParser.new(@ip, @params); puts r.params.to_yaml; r }
57
+ subject { dump { BotAway::ParamParser.new(@ip, @params) } }
52
58
 
53
59
  it "drops all parameters" do
54
60
  subject.params.should == { "suspected_bot" => true }
@@ -57,7 +63,7 @@ describe BotAway::ParamParser do
57
63
 
58
64
  context "with a filled sub-honeypot" do
59
65
  before(:each) { @params = params({'test' => {'name' => '', 'posts' => [1, 2]}}) }
60
- subject { r = BotAway::ParamParser.new(@ip, @params); puts r.params.to_yaml; r }
66
+ subject { dump { BotAway::ParamParser.new(@ip, @params) } }
61
67
 
62
68
  it "drops all parameters" do
63
69
  subject.params.should == { "suspected_bot" => true }
metadata CHANGED
@@ -4,9 +4,9 @@ version: !ruby/object:Gem::Version
4
4
  prerelease: false
5
5
  segments:
6
6
  - 1
7
- - 1
7
+ - 2
8
8
  - 0
9
- version: 1.1.0
9
+ version: 1.2.0
10
10
  platform: ruby
11
11
  authors:
12
12
  - Colin MacKenzie IV
@@ -14,13 +14,14 @@ autorequire:
14
14
  bindir: bin
15
15
  cert_chain: []
16
16
 
17
- date: 2010-06-21 00:00:00 -04:00
17
+ date: 2010-10-14 00:00:00 -04:00
18
18
  default_executable:
19
19
  dependencies:
20
20
  - !ruby/object:Gem::Dependency
21
21
  name: actionpack
22
22
  prerelease: false
23
23
  requirement: &id001 !ruby/object:Gem::Requirement
24
+ none: false
24
25
  requirements:
25
26
  - - ">="
26
27
  - !ruby/object:Gem::Version
@@ -35,6 +36,7 @@ dependencies:
35
36
  name: sc-core-ext
36
37
  prerelease: false
37
38
  requirement: &id002 !ruby/object:Gem::Requirement
39
+ none: false
38
40
  requirements:
39
41
  - - ">="
40
42
  - !ruby/object:Gem::Version
@@ -46,53 +48,70 @@ dependencies:
46
48
  type: :runtime
47
49
  version_requirements: *id002
48
50
  - !ruby/object:Gem::Dependency
49
- name: rubyforge
51
+ name: jeweler
50
52
  prerelease: false
51
53
  requirement: &id003 !ruby/object:Gem::Requirement
54
+ none: false
52
55
  requirements:
53
56
  - - ">="
54
57
  - !ruby/object:Gem::Version
55
58
  segments:
56
- - 2
57
- - 0
59
+ - 1
58
60
  - 4
59
- version: 2.0.4
61
+ - 0
62
+ version: 1.4.0
60
63
  type: :development
61
64
  version_requirements: *id003
62
65
  - !ruby/object:Gem::Dependency
63
- name: hoe
66
+ name: rspec
64
67
  prerelease: false
65
68
  requirement: &id004 !ruby/object:Gem::Requirement
69
+ none: false
66
70
  requirements:
67
71
  - - ">="
68
72
  - !ruby/object:Gem::Version
69
73
  segments:
70
- - 2
71
- - 6
74
+ - 1
75
+ - 3
72
76
  - 0
73
- version: 2.6.0
77
+ version: 1.3.0
74
78
  type: :development
75
79
  version_requirements: *id004
76
- description: |-
77
- Unobtrusively detects form submissions made by spambots, and silently drops those submissions. The key word here is
78
- "unobtrusive" -- this is NOT a CAPTCHA. This is a transparent, modular implementation of the bot-catching techniques
79
- discussed by Ned Batchelder at http://nedbatchelder.com/text/stopbots.html.
80
- email:
81
- - sinisterchipmunk@gmail.com
80
+ - !ruby/object:Gem::Dependency
81
+ name: rspec-rails
82
+ prerelease: false
83
+ requirement: &id005 !ruby/object:Gem::Requirement
84
+ none: false
85
+ requirements:
86
+ - - ">="
87
+ - !ruby/object:Gem::Version
88
+ segments:
89
+ - 1
90
+ - 3
91
+ - 2
92
+ version: 1.3.2
93
+ type: :development
94
+ version_requirements: *id005
95
+ description: Unobtrusively detects form submissions made by spambots, and silently drops those submissions.
96
+ email: sinisterchipmunk@gmail.com
82
97
  executables: []
83
98
 
84
99
  extensions: []
85
100
 
86
101
  extra_rdoc_files:
87
- - History.txt
88
- - Manifest.txt
102
+ - LICENSE
103
+ - README.rdoc
89
104
  files:
105
+ - .gitignore
90
106
  - History.txt
107
+ - LICENSE
91
108
  - Manifest.txt
92
109
  - README.rdoc
93
110
  - Rakefile
111
+ - VERSION
112
+ - bot-away.gemspec
94
113
  - lib/bot-away.rb
95
- - lib/bot-away/action_controller/request.rb
114
+ - lib/bot-away/action_dispatch/request.rb
96
115
  - lib/bot-away/action_view/helpers/instance_tag.rb
97
116
  - lib/bot-away/param_parser.rb
98
117
  - lib/bot-away/spinner.rb
@@ -100,27 +119,30 @@ files:
100
119
  - script/destroy
101
120
  - script/generate
102
121
  - spec/controllers/test_controller_spec.rb
103
- - spec/lib/action_view/helpers/instance_tag_spec.rb
104
- - spec/lib/builder_spec.rb
105
- - spec/lib/param_parser_spec.rb
122
+ - spec/rspec_version.rb
106
123
  - spec/spec_helper.rb
107
- - spec/support/controllers/test_controller.rb
108
124
  - spec/support/honeypot_matcher.rb
109
125
  - spec/support/obfuscation_helper.rb
110
126
  - spec/support/obfuscation_matcher.rb
127
+ - spec/support/rails/mock_logger.rb
128
+ - spec/support/test_controller.rb
111
129
  - spec/support/views/test/index.html.erb
112
130
  - spec/support/views/test/model_form.html.erb
131
+ - spec/views/lib/action_view/helpers/instance_tag_spec.rb
132
+ - spec/views/lib/disabled_for_spec.rb
133
+ - spec/views/lib/form_builder_spec.rb
134
+ - spec/views/lib/param_parser_spec.rb
113
135
  has_rdoc: true
114
- homepage: http://github.com/sinisterchipmunk/bot-away
136
+ homepage: http://www.thoughtsincomputation.com
115
137
  licenses: []
116
138
 
117
139
  post_install_message:
118
140
  rdoc_options:
119
- - --main
120
- - README.rdoc
141
+ - --charset=UTF-8
121
142
  require_paths:
122
143
  - lib
123
144
  required_ruby_version: !ruby/object:Gem::Requirement
145
+ none: false
124
146
  requirements:
125
147
  - - ">="
126
148
  - !ruby/object:Gem::Version
@@ -128,6 +150,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
128
150
  - 0
129
151
  version: "0"
130
152
  required_rubygems_version: !ruby/object:Gem::Requirement
153
+ none: false
131
154
  requirements:
132
155
  - - ">="
133
156
  - !ruby/object:Gem::Version
@@ -136,10 +159,21 @@ required_rubygems_version: !ruby/object:Gem::Requirement
136
159
  version: "0"
137
160
  requirements: []
138
161
 
139
- rubyforge_project: bot-away
140
- rubygems_version: 1.3.6
162
+ rubyforge_project:
163
+ rubygems_version: 1.3.7
141
164
  signing_key:
142
165
  specification_version: 3
143
- summary: Unobtrusively detects form submissions made by spambots, and silently drops those submissions
144
- test_files: []
145
-
166
+ summary: Unobtrusively detects form submissions made by spambots, and silently drops those submissions.
167
+ test_files:
168
+ - spec/controllers/test_controller_spec.rb
169
+ - spec/rspec_version.rb
170
+ - spec/spec_helper.rb
171
+ - spec/support/honeypot_matcher.rb
172
+ - spec/support/obfuscation_helper.rb
173
+ - spec/support/obfuscation_matcher.rb
174
+ - spec/support/rails/mock_logger.rb
175
+ - spec/support/test_controller.rb
176
+ - spec/views/lib/action_view/helpers/instance_tag_spec.rb
177
+ - spec/views/lib/disabled_for_spec.rb
178
+ - spec/views/lib/form_builder_spec.rb
179
+ - spec/views/lib/param_parser_spec.rb
data/lib/bot-away/action_controller/request.rb DELETED
@@ -1,19 +0,0 @@
1
- class ActionController::Request < Rack::Request
2
- def parameters_with_deobfuscation
3
- @parameters ||= BotAway::ParamParser.new(ip, parameters_without_deobfuscation).params
4
- end
5
-
6
- class << self
7
- def unfiltered_params(*keys)
8
- unfiltered_params = instance_variable_get("@unfiltered_params") || instance_variable_set("@unfiltered_params", [])
9
- unfiltered_params.concat keys.flatten.collect { |k| k.to_s }
10
- unfiltered_params
11
- end
12
-
13
- alias_method :accepts_unfiltered_params, :unfiltered_params
14
- end
15
-
16
- delegate :accepts_unfiltered_params, :unfiltered_params, :to => :"self.class"
17
- alias_method_chain :parameters, :deobfuscation
18
- alias_method :params, :parameters
19
- end
data/spec/support/controllers/test_controller.rb DELETED
@@ -1,18 +0,0 @@
1
- class Post
2
- attr_reader :subject, :body, :subscribers
3
- end
4
-
5
- class TestController < ActionController::Base
6
- view_paths << File.expand_path(File.join(File.dirname(__FILE__), "../views"))
7
-
8
- def index
9
- end
10
-
11
- def model_form
12
- @post = Post.new
13
- end
14
-
15
- def proc_form
16
- render :text => params.to_yaml
17
- end
18
- end