invisible_captcha 0.8.1 → 0.8.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/lib/invisible_captcha/controller_ext.rb +8 -7
- data/lib/invisible_captcha/version.rb +1 -1
- data/lib/invisible_captcha/view_helpers.rb +1 -1
- data/spec/controllers_spec.rb +7 -6
- data/spec/view_helpers_spec.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 09a971b340dc4df300e6f158e631085f313501ac
|
4
|
+
data.tar.gz: c300f8cd9c6759b4d8e6f478d676e2b8f6990ace
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e49701c76ee0586b6b30f5de9137d8e34ee59210d6ed37352937feab563d5e688e8a480dbc8fa2a837e3f8d807c6fb2583ea44c52c8ba507ac4852565266890b
|
7
|
+
data.tar.gz: 7657bcf22f0936068750a4c6ad321b762d56c78fe63818853c1607d8fcb708b277818a1a597b11cd5cbe1c1b9c9c88f02f2ec538f745a58d0faea7ddae072037
|
data/README.md
CHANGED
@@ -145,7 +145,7 @@ The `invisible_captcha` method accepts some options:
|
|
145
145
|
* `honeypot`: name of honeypot.
|
146
146
|
* `scope`: name of scope, ie: 'topic[subtitle]' -> 'topic' is the scope.
|
147
147
|
* `on_spam`: custom callback to be called on spam detection.
|
148
|
-
* `on_timestamp_spam`: custom callback to be called when form submitted too quickly.
|
148
|
+
* `on_timestamp_spam`: custom callback to be called when form submitted too quickly. The default action redirects to `:back` printing a warning in `flash[:error]`
|
149
149
|
|
150
150
|
### View helpers options:
|
151
151
|
|
@@ -20,7 +20,7 @@ module InvisibleCaptcha
|
|
20
20
|
if action = options[:on_timestamp_spam]
|
21
21
|
send(action)
|
22
22
|
else
|
23
|
-
flash
|
23
|
+
redirect_to :back, flash: { error: InvisibleCaptcha.timestamp_error_message }
|
24
24
|
end
|
25
25
|
end
|
26
26
|
|
@@ -38,14 +38,15 @@ module InvisibleCaptcha
|
|
38
38
|
|
39
39
|
def invisible_captcha_timestamp?(options = {})
|
40
40
|
timestamp = session[:invisible_captcha_timestamp]
|
41
|
-
|
41
|
+
return false unless timestamp.present?
|
42
|
+
|
43
|
+
time_to_submit = Time.zone.now - DateTime.iso8601(timestamp)
|
42
44
|
|
43
45
|
# Consider as spam if form submitted too quickly
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
false
|
46
|
+
return false if time_to_submit >= InvisibleCaptcha.timestamp_threshold
|
47
|
+
|
48
|
+
logger.warn("Potential spam detected for IP #{request.env['REMOTE_ADDR']}. Invisible Captcha timestamp threshold not reached (took #{time_to_submit.to_i}s).")
|
49
|
+
true
|
49
50
|
end
|
50
51
|
|
51
52
|
def invisible_captcha?(options = {})
|
@@ -6,7 +6,7 @@ module InvisibleCaptcha
|
|
6
6
|
# @param scope [Symbol] name of honeypot scope, ie: topic => input name: topic[subtitle]
|
7
7
|
# @return [String] the generated html
|
8
8
|
def invisible_captcha(honeypot = nil, scope = nil, options = {})
|
9
|
-
session[:invisible_captcha_timestamp] ||= Time.zone.now
|
9
|
+
session[:invisible_captcha_timestamp] ||= Time.zone.now.iso8601
|
10
10
|
build_invisible_captcha(honeypot, scope, options)
|
11
11
|
end
|
12
12
|
|
data/spec/controllers_spec.rb
CHANGED
@@ -7,20 +7,21 @@ describe InvisibleCaptcha::ControllerExt, type: :controller do
|
|
7
7
|
|
8
8
|
context 'submission timestamp_threshold' do
|
9
9
|
before do
|
10
|
-
session[:invisible_captcha_timestamp] = Time.zone.now
|
10
|
+
session[:invisible_captcha_timestamp] = Time.zone.now.iso8601
|
11
11
|
end
|
12
12
|
|
13
13
|
it 'fails if submission before timestamp_threshold' do
|
14
|
-
|
14
|
+
request.env['HTTP_REFERER'] = 'http://test.host/topics'
|
15
|
+
post :create, {topic: { title: 'foo' }}
|
15
16
|
|
16
|
-
expect(response).to redirect_to(new_topic_path)
|
17
17
|
expect(flash[:error]).to eq(InvisibleCaptcha.timestamp_error_message)
|
18
|
+
expect(response).to redirect_to :back
|
18
19
|
end
|
19
20
|
|
20
21
|
it 'allow custom on_timestamp_spam callback', focus: true do
|
21
|
-
put :update, id: 1, topic: { title: 'bar' }
|
22
|
+
put :update, {id: 1, topic: { title: 'bar' }}
|
22
23
|
|
23
|
-
expect(response
|
24
|
+
expect(response).to redirect_to(root_path)
|
24
25
|
end
|
25
26
|
|
26
27
|
context 'successful submissions' do
|
@@ -40,7 +41,7 @@ describe InvisibleCaptcha::ControllerExt, type: :controller do
|
|
40
41
|
|
41
42
|
context 'form field' do
|
42
43
|
before do
|
43
|
-
session[:invisible_captcha_timestamp] = Time.zone.now
|
44
|
+
session[:invisible_captcha_timestamp] = Time.zone.now.iso8601
|
44
45
|
# Wait for valid submission
|
45
46
|
sleep InvisibleCaptcha.timestamp_threshold
|
46
47
|
end
|
data/spec/view_helpers_spec.rb
CHANGED
@@ -64,6 +64,6 @@ describe InvisibleCaptcha::ViewHelpers, type: :helper do
|
|
64
64
|
it 'should set spam timestamp' do
|
65
65
|
InvisibleCaptcha.honeypots = [:foo_id]
|
66
66
|
invisible_captcha
|
67
|
-
expect(session[:invisible_captcha_timestamp]).to eq(Time.zone.now)
|
67
|
+
expect(session[:invisible_captcha_timestamp]).to eq(Time.zone.now.iso8601)
|
68
68
|
end
|
69
69
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: invisible_captcha
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.8.
|
4
|
+
version: 0.8.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Marc Anguera Insa
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-04-
|
11
|
+
date: 2016-04-27 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rails
|