honeypot-captcha 0.0.2 → 1.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: de70aea71253224308afd97ec53f4b3c5d0f27b4268d072ca5b53ea7eb73a148
+  data.tar.gz: b4da23ac08e48707139cb823f0aa64617e72addebb2f965c897d71d444e59e67
+SHA512:
+  metadata.gz: 813eae953f01c398c378bf8c3dc7f965fb638c709337bcaff9ebf022c684f8eb956969dd3758c2fe7a731d822dfc3ab2a83868e54129479ece775cd7eb0e4afc
+  data.tar.gz: 603bae094ed48572cada9b9a537c2b304459296bdea2942d9b51deaf8b819caaddfe1f44ff6fbae064a18de0faad0a66226acf1c296c2e604a3315d0ad47dbec

data/README.markdown

@@ -1,6 +1,6 @@
 # Honeypot Captcha
 
-A simple way to add honeypot captchas in your Rails forms.
+**The simplest way to add honeypot captchas in your Rails forms.**
 
 Honeypot captchas work off the premise that you can present different form
 fields to a spam bot than you do to a real user. Spam bots will typically try
@@ -12,17 +12,27 @@ submitted with values. If they are, we assume that we encountered a spam bot.
 * [Honeypot Captcha by Phil Haack](http://haacked.com/archive/2007/09/11/honeypot-captcha.aspx)
 * [Stopping spambots with hashes and honeypots](http://nedbatchelder.com/text/stopbots.html)
 
+## Requirements
+
+* Rails >= 2.3.8
+
+## Installation
+
+In your Gemfile, simply add
+
+    gem 'honeypot-captcha'
 
 ## Usage
 
 I've tried to make it pretty simple to add a honeypot captcha, but I'm open to
-any suggestions you may have.
+any suggestions you may have. By default, `create` and `update` actions are
+protected. For other actions, see [below](#protection-for-actions-other-than-create-and-update).
 
 ### form_for
 
 Simply specify that the form has a honeypot in the HTML options hash:
 
-    <% form_for Comment.new, :html => { :honeypot => true } do |form| -%>
+    <%= form_for Comment.new, :html => { :honeypot => true } do |form| -%>
       ...
     <% end -%>
 
@@ -30,7 +40,7 @@ Simply specify that the form has a honeypot in the HTML options hash:
 
 Simply specify that the form has a honeypot in the options hash:
 
-    <% form_tag comments_path, :honeypot => true do -%>
+    <%= form_tag comments_path, :honeypot => true do -%>
       ...
     <% end -%>
 
@@ -42,8 +52,66 @@ Simply specify that the form has a honeypot in the options hash:
       ...
     </form>
 
+### simple_form_for
+
+Simply specify that the form has a honeypot in the HTML options hash:
+
+    <%= simple_form_for Comment.new, :html => { :honeypot => true } do |form| -%>
+      ...
+    <% end -%>
+
+### Protection for actions other than `create` and `update`
+
+If you are submitting a form to a non-RESTful action and require
+honeypot protection, simply add the before filter for that action
+in your controller. For example:
+
+    class NewsletterController < ApplicationController
+      prepend_before_action :protect_from_spam, :only => [:subscribe]
+      ...
+    end
+
+### Customizing the honeypot fields
+
+Override the `honeypot_fields` method within `ApplicationController` to
+add your own custom field names and values. For example:
+
+    def honeypot_fields
+      {
+        :my_custom_comment_body => 'Do not fill in this field, sucka!',
+        :another_thingy => 'Really... do not fill out!'
+      }
+    end
+
+NOTE: `honeypot_fields` hash keys are used at the beginning of the generated HTML id attributes. The HTML 4.01 spec states that ids must start with a letter ([A-Za-z]), so be aware of this when creating the hash keys. HTML5 is much less strict.
+
+Override the `honeypot_string` method within `ApplicationController` to
+disguise the string that will be included in the honeypot name. For example:
+
+    def honeypot_string
+      'im-not-a-honeypot-at-all'
+    end
+
+Override the `honeypot_style_class` method within `ApplicationController` to
+provide a non-inline CSS class that will be applied to hide honeypot fields
+(if nil, the style will be applied inline). For example:
+
+    def honeypot_style_class
+      'display-none'
+    end
+
+... assigns an HTML class for styling purposes:
+
+    <div id="login_hp_1464171481" class="display-none">
+
+... which can be styled by a CSS style within app/assets/stylesheets:
+
+    .display-none {
+      display: none;
+    }
+
 ## Note on Patches/Pull Requests
- 
+
 * Fork the project.
 * Make your feature addition or bug fix.
 * Add tests for it. This is important so I don't break it in a future version unintentionally.
@@ -51,13 +119,24 @@ Simply specify that the form has a honeypot in the options hash:
 * Send me a pull request. Bonus points for topic branches.
 
 ## Author
+Created by [Curtis Miller](http://millarian.com) of Velocity Labs, a
+[Ruby on Rails development company](http://velocitylabs.io).
+
+### Collaborators
 
-Written by [Curtis Miller](http://millarian.com) of [Flatterline](http://flatterline.com)
+* [Dave Tapley](https://github.com/dukedave)
 
 ### Contributors
 
+Thank you to all contributors!
+
 * [Eric Saxby](http://github.com/sax)
+* [Bernard Grymonpon](https://github.com/wonko)
+* [rchekaluk](https://github.com/rchekaluk)
+* [Sunny Ripert](https://github.com/sunny)
+* [RandieM](https://github.com/RandieM)
+* [Wayne Steven See](https://github.com/weynsee)
 
 ## Copyright
 
-Copyright (c) 2010 Curtis Miller. See LICENSE for details.
+Copyright (c) 2010-2019 Curtis Miller. See LICENSE for details.

data/VERSION

@@ -1 +1 @@
-0.0.2
+1.0.1

data/lib/honeypot-captcha/form_tag_helper.rb

@@ -2,36 +2,57 @@
 module ActionView
   module Helpers
     module FormTagHelper
-      def form_tag_with_honeypot(url_for_options = {}, options = {}, *parameters_for_url, &block)
-        honeypot = options.delete(:honeypot)
-        html = form_tag_without_honeypot(url_for_options, options, *parameters_for_url, &block)
+      def form_tag_html_with_honeypot(options)
+        honeypot = options.delete(:honeypot) || options.delete('honeypot')
+        html     = form_tag_html_without_honeypot(options)
+
         if honeypot
-          captcha = "".respond_to?(:html_safe) ? honey_pot_captcha.html_safe : honey_pot_captcha
+          captcha = honey_pot_captcha
+
           if block_given?
             html.insert(html.index('</form>'), captcha)
           else
             html += captcha
           end
         end
+
         html
       end
-      alias_method_chain :form_tag, :honeypot
+      alias_method :form_tag_html_without_honeypot, :form_tag_html
+      alias_method :form_tag_html, :form_tag_html_with_honeypot
 
     private
 
       def honey_pot_captcha
-        html_ids = []
-        honeypot_fields.collect do |f, l|
-          html_ids << (html_id = "#{f}_hp_#{Time.now.to_i}")
-          content_tag :div, :id => html_id do
-            content_tag(:style, :type => 'text/css', :media => 'screen', :scoped => "scoped") do
-              "#{html_ids.map { |i| "##{i}" }.join(', ')} { display:none; }"
-            end +
-            label_tag(f, l) +
-            send([:text_field_tag, :text_area_tag][rand(2)], f)
+        honeypot_fields.collect do |key, value|
+          html_id = sanitized_html_id(key)
+
+          content_tag :div, { :id => html_id }.merge(style_attributes) do
+            style_tag(html_id) +
+            label_tag(key, value) +
+            send([:text_field_tag, :text_area_tag][rand(2)], key)
           end
-        end.join
+
+        end.join.html_safe
+      end
+
+      def sanitized_html_id(key)
+        "#{key}_#{honeypot_string}_#{Time.current.to_i + rand(999)}".gsub(/\]\[|[^-a-zA-Z0-9:.]/, "_")
+      end
+
+      def style_attributes
+        return {} if honeypot_style_class.blank?
+
+        { :class => honeypot_style_class }
+      end
+
+      def style_tag(html_id)
+        return ''.html_safe if honeypot_style_class.present?
+
+        content_tag(:style, :type => 'text/css', :media => 'screen', :scoped => "scoped") do
+          "[id='#{html_id}'] { display:none; }".html_safe
+        end.html_safe
       end
     end
   end
-end
+end

data/lib/honeypot-captcha.rb

@@ -6,14 +6,26 @@ module HoneypotCaptcha
       { :a_comment_body => 'Do not fill in this field' }
     end
 
+    def honeypot_string
+      'hp'
+    end
+
+    def honeypot_style_class
+      nil
+    end
+
     def protect_from_spam
       head :ok if honeypot_fields.any? { |f,l| !params[f].blank? }
     end
 
     def self.included(base) # :nodoc:
       base.send :helper_method, :honeypot_fields
+      base.send :helper_method, :honeypot_string
+      base.send :helper_method, :honeypot_style_class
 
-      if base.respond_to? :before_filter
+      if base.respond_to? :before_action
+        base.send :prepend_before_action, :protect_from_spam, :only => [:create, :update]
+      elsif base.respond_to? :before_filter
         base.send :prepend_before_filter, :protect_from_spam, :only => [:create, :update]
       end
     end

metadata

@@ -1,71 +1,161 @@
---- !ruby/object:Gem::Specification 
+--- !ruby/object:Gem::Specification
 name: honeypot-captcha
-version: !ruby/object:Gem::Version 
-  prerelease: false
-  segments: 
-  - 0
-  - 0
-  - 2
-  version: 0.0.2
+version: !ruby/object:Gem::Version
+  version: 1.0.1
 platform: ruby
-authors: 
+authors:
 - curtis
 autorequire: 
 bindir: bin
 cert_chain: []
-
-date: 2010-05-23 00:00:00 -07:00
-default_executable: 
-dependencies: []
-
+date: 2019-02-27 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: actionview
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: railties
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.8'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.8'
+- !ruby/object:Gem::Dependency
+  name: rspec-html-matchers
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rdoc
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '6.1'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '6.1'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2'
+- !ruby/object:Gem::Dependency
+  name: jeweler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.3'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.3'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: A simple way to add honeypot captchas to Rails forms
-email: curtis@flatterline.com
+email: curtis@velocitylabs.io
 executables: []
-
 extensions: []
-
-extra_rdoc_files: 
+extra_rdoc_files:
 - LICENSE
 - README.markdown
-files: 
-- .document
-- .gitignore
+files:
 - LICENSE
 - README.markdown
-- Rakefile
 - VERSION
-- honeypot-captcha.gemspec
 - lib/honeypot-captcha.rb
 - lib/honeypot-captcha/form_tag_helper.rb
-has_rdoc: true
 homepage: http://github.com/curtis/honeypot-captcha
 licenses: []
-
+metadata: {}
 post_install_message: 
-rdoc_options: 
-- --charset=UTF-8
-require_paths: 
+rdoc_options: []
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement 
-  requirements: 
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
   - - ">="
-    - !ruby/object:Gem::Version 
-      segments: 
-      - 0
-      version: "0"
-required_rubygems_version: !ruby/object:Gem::Requirement 
-  requirements: 
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
   - - ">="
-    - !ruby/object:Gem::Version 
-      segments: 
-      - 0
-      version: "0"
+    - !ruby/object:Gem::Version
+      version: '0'
 requirements: []
-
 rubyforge_project: 
-rubygems_version: 1.3.6
+rubygems_version: 2.7.8
 signing_key: 
-specification_version: 3
+specification_version: 4
 summary: A simple way to add honeypot captchas to Rails forms
 test_files: []
-

data/.document

@@ -1,5 +0,0 @@
-README.rdoc
-lib/**/*.rb
-bin/*
-features/**/*.feature
-LICENSE

data/.gitignore

@@ -1,21 +0,0 @@
-## MAC OS
-.DS_Store
-
-## TEXTMATE
-*.tmproj
-tmtags
-
-## EMACS
-*~
-\#*
-.\#*
-
-## VIM
-*.swp
-
-## PROJECT::GENERAL
-coverage
-rdoc
-pkg
-
-## PROJECT::SPECIFIC

data/Rakefile

@@ -1,45 +0,0 @@
-require 'rubygems'
-require 'rake'
-
-begin
-  require 'jeweler'
-  Jeweler::Tasks.new do |gem|
-    gem.name = "honeypot-captcha"
-    gem.summary = %Q{A simple way to add honeypot captchas to Rails forms}
-    gem.description = %Q{A simple way to add honeypot captchas to Rails forms}
-    gem.email = "curtis@flatterline.com"
-    gem.homepage = "http://github.com/curtis/honeypot-captcha"
-    gem.authors = ["curtis"]
-    # gem.add_development_dependency "rspec", ">= 1.2.9"
-    # gem is a Gem::Specification... see http://www.rubygems.org/read/chapter/20 for additional settings
-  end
-  Jeweler::GemcutterTasks.new
-rescue LoadError
-  puts "Jeweler (or a dependency) not available. Install it with: gem install jeweler"
-end
-
-require 'spec/rake/spectask'
-Spec::Rake::SpecTask.new(:spec) do |spec|
-  spec.libs << 'lib' << 'spec'
-  spec.spec_files = FileList['spec/**/*_spec.rb']
-end
-
-Spec::Rake::SpecTask.new(:rcov) do |spec|
-  spec.libs << 'lib' << 'spec'
-  spec.pattern = 'spec/**/*_spec.rb'
-  spec.rcov = true
-end
-
-task :spec => :check_dependencies
-
-task :default => :spec
-
-require 'rake/rdoctask'
-Rake::RDocTask.new do |rdoc|
-  version = File.exist?('VERSION') ? File.read('VERSION') : ""
-
-  rdoc.rdoc_dir = 'rdoc'
-  rdoc.title = "honeypot-captcha #{version}"
-  rdoc.rdoc_files.include('README*')
-  rdoc.rdoc_files.include('lib/**/*.rb')
-end

data/honeypot-captcha.gemspec

@@ -1,46 +0,0 @@
-# Generated by jeweler
-# DO NOT EDIT THIS FILE DIRECTLY
-# Instead, edit Jeweler::Tasks in Rakefile, and run the gemspec command
-# -*- encoding: utf-8 -*-
-
-Gem::Specification.new do |s|
-  s.name = %q{honeypot-captcha}
-  s.version = "0.0.2"
-
-  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
-  s.authors = ["curtis"]
-  s.date = %q{2010-05-23}
-  s.description = %q{A simple way to add honeypot captchas to Rails forms}
-  s.email = %q{curtis@flatterline.com}
-  s.extra_rdoc_files = [
-    "LICENSE",
-     "README.markdown"
-  ]
-  s.files = [
-    ".document",
-     ".gitignore",
-     "LICENSE",
-     "README.markdown",
-     "Rakefile",
-     "VERSION",
-     "honeypot-captcha.gemspec",
-     "lib/honeypot-captcha.rb",
-     "lib/honeypot-captcha/form_tag_helper.rb"
-  ]
-  s.homepage = %q{http://github.com/curtis/honeypot-captcha}
-  s.rdoc_options = ["--charset=UTF-8"]
-  s.require_paths = ["lib"]
-  s.rubygems_version = %q{1.3.6}
-  s.summary = %q{A simple way to add honeypot captchas to Rails forms}
-
-  if s.respond_to? :specification_version then
-    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
-    s.specification_version = 3
-
-    if Gem::Version.new(Gem::RubyGemsVersion) >= Gem::Version.new('1.2.0') then
-    else
-    end
-  else
-  end
-end
-