recaptcha 5.14.0 → 5.16.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a3e8441f1c05e97da5513f6b1b42ab0ee020d50b2d06196e4f83100251157c7b
-  data.tar.gz: c911c40cfe25f413bf9d7ae6a10cce7170856fc45975b455872397c8827db3f6
+  metadata.gz: 66a204367215f4ea083958e3f322fc7f2955e7481c09a5cadb1f57cf3acd187e
+  data.tar.gz: b6e7c0417b4d81bd0e7f15f7837968fbf65096e5d4a6286e297f1bbc030b7744
 SHA512:
-  metadata.gz: bbf6a050959ee4b95693bc336a4ce6f1bad590aefd62ec6f2a3e70f65affc22a44b04902cee5e695a7ea4922b0558e1a63c36b6a430f16094cba416f1d1a7e9f
-  data.tar.gz: 928673a8221ffe3bcce8d577dce30a405f3b1bdad4cdfc80c15f64044390149134ce4b8d48e8ce18cc28b42c4945dba2641b0982fef009d22e64e79fb117cd66
+  metadata.gz: 2c9162ae165cfb00d6ed03f91ef832e90e6bc357cfc31ee71a1a52311910fb183eb40a50967fa04f729243924c1fc9defad7d2030353ccc895b31e7bdb28e210
+  data.tar.gz: 8da70c71cb13ce29d7ddfa956795dc2bdcff53ea8aeaa64ad6495e5b4cfa40d82bfd90d9870220173a955e095346ba8f6e451364278af5887e4360b6d5601e07

data/CHANGELOG.md

@@ -1,5 +1,12 @@
 ## Next
 
+## 5.16.0
+* Allow usage of `options[:turbo]` as well as `options[:turbolinks]` for `recaptcha_v3`
+
+## 5.15.0
+* Add 3.2 to the list of Ruby CI versions
+* Add ability to submit verify_recaptcha via POST with JSON Body with `options[:json] = true`
+
 ## 5.14.0
 * drop json dependency
 

data/README.md

@@ -181,6 +181,7 @@ Some of the options available:
 | `:response`               | Custom response parameter. (default: `params['g-recaptcha-response-data']`)
 | `:hostname`               | Expected hostname or a callable that validates the hostname, see [domain validation](https://developers.google.com/recaptcha/docs/domain_validation) and [hostname](https://developers.google.com/recaptcha/docs/verify#api-response) docs. (default: `nil`, but can be changed by setting `config.hostname`)
 | `:env`                    | Current environment. The request to verify will be skipped if the environment is specified in configuration under `skip_verify_env`
+| `:json`                   | Boolean; defaults to false; if true, will submit the verification request by POST with the request data in JSON
 
 
 ### `invisible_recaptcha_tags`
@@ -418,7 +419,7 @@ but only accepts the following options:
 | Option              | Description |
 |---------------------|-------------|
 | `:site_key`         | Override site API key |
-| `:action`           | The name of the [reCAPTCHA action](https://developers.google.com/recaptcha/docs/v3#actions). Actions may only contain alphanumeric characters and slashes, and must not be user-specific. |
+| `:action`           | The name of the [reCAPTCHA action](https://developers.google.com/recaptcha/docs/v3#actions). Actions are not case-sensitive and may only contain alphanumeric characters, slashes, and underscores, and must not be user-specific. |
 | `:nonce`            | Optional. Sets nonce attribute for script. Can be generated via `SecureRandom.base64(32)`. (default: `nil`) |
 | `:callback`         | Name of callback function to call with the token. When `element` is `:input`, this defaults to a function named `setInputWithRecaptchaResponseTokenFor#{sanitize_action(action)}` that sets the value of the hidden input to the token. |
 | `:id`               | Specify a unique `id` attribute for the `<input>` element if using `element: :input`. (default: `"g-recaptcha-response-data-"` + `action`) |
@@ -426,7 +427,8 @@ but only accepts the following options:
 | `:script`           | Same as setting both `:inline_script` and `:external_script`. (default: `true`). |
 | `:inline_script`    | If `true`, adds an inline script tag that calls `grecaptcha.execute` for the given `site_key` and `action` and calls the `callback` with the resulting response token. Pass `false` if you want to handle calling `grecaptcha.execute` yourself. (default: `true`) |
 | `:element`          | The element to render, if any (default: `:input`)<br/>`:input`: Renders a hidden `<input type="hidden">` tag. The value of this will be set to the response token by the default `setInputWithRecaptchaResponseTokenFor{action}` callback.<br/>`false`: Doesn't render any tag. You'll have to add a custom callback that does something with the token. |
-| `:turbolinks`          | If `true`, calls the js function which executes reCAPTCHA after all the dependencies have been loaded. This cannot be used with the js param `:onload`. This makes reCAPTCHAv3 usable with turbolinks. |
+| `:turbo`              | If `true`, calls the js function which executes reCAPTCHA after all the dependencies have been loaded. This cannot be used with the js param `:onload`. This makes reCAPTCHAv3 usable with turbo. |
+| `:turbolinks`         | Alias of `:turbo`. Will be deprecated soon. |
 | `:ignore_no_element`  | If `true`, adds null element checker for forms that can be removed from the page by javascript like modals with forms. (default: true) |
 
 [JavaScript resource (api.js) parameters](https://developers.google.com/recaptcha/docs/invisible#js_param):

data/lib/recaptcha/helpers.rb

@@ -12,7 +12,7 @@ module Recaptcha
       action = options.delete(:action) || raise(Recaptcha::RecaptchaError, 'action is required')
       id = options.delete(:id) || "g-recaptcha-response-data-#{dasherize_action(action)}"
       name = options.delete(:name) || "g-recaptcha-response-data[#{action}]"
-      turbolinks = options.delete(:turbolinks)
+      turbo = options.delete(:turbo) || options.delete(:turbolinks)
       options[:render] = site_key
       options[:script_async] ||= false
       options[:script_defer] ||= false
@@ -24,11 +24,11 @@ module Recaptcha
       end
       options[:class] = "g-recaptcha-response #{options[:class]}"
 
-      if turbolinks
+      if turbo
         options[:onload] = recaptcha_v3_execute_function_name(action)
       end
       html, tag_attributes = components(options)
-      if turbolinks
+      if turbo
         html << recaptcha_v3_onload_script(site_key, action, callback, id, options)
       elsif recaptcha_v3_inline_script?(options)
         html << recaptcha_v3_inline_script(site_key, action, callback, id, options)

data/lib/recaptcha/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Recaptcha
-  VERSION = '5.14.0'
+  VERSION = '5.16.0'
 end

data/lib/recaptcha.rb

@@ -98,7 +98,7 @@ module Recaptcha
     verify_hash = { 'secret' => secret_key, 'response' => response }
     verify_hash['remoteip'] = options[:remote_ip] if options.key?(:remote_ip)
 
-    reply = api_verification_free(verify_hash, timeout: options[:timeout])
+    reply = api_verification_free(verify_hash, timeout: options[:timeout], json: options[:json])
     success = reply['success'].to_s == 'true' &&
       hostname_valid?(reply['hostname'], options[:hostname]) &&
       action_valid?(reply['action'], options[:action]) &&
@@ -152,11 +152,18 @@ module Recaptcha
     instance
   end
 
-  def self.api_verification_free(verify_hash, timeout: nil)
-    query = URI.encode_www_form(verify_hash)
-    uri = URI.parse("#{configuration.verify_url}?#{query}")
+  def self.api_verification_free(verify_hash, timeout: nil, json: false)
+    if json
+      uri = URI.parse(configuration.verify_url)
+      request = Net::HTTP::Post.new(uri.request_uri)
+      request['Content-Type'] = 'application/json; charset=utf-8'
+      request.body = JSON.generate(verify_hash)
+    else
+      query = URI.encode_www_form(verify_hash)
+      uri = URI.parse("#{configuration.verify_url}?#{query}")
+      request = Net::HTTP::Get.new(uri.request_uri)
+    end
     http_instance = http_client_for(uri: uri, timeout: timeout)
-    request = Net::HTTP::Get.new(uri.request_uri)
     JSON.parse(http_instance.request(request).body)
   end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: recaptcha
 version: !ruby/object:Gem::Version
-  version: 5.14.0
+  version: 5.16.0
 platform: ruby
 authors:
 - Jason L Perry
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-04-19 00:00:00.000000000 Z
+date: 2023-10-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: mocha