rucaptcha 2.5.0 → 2.5.5
- checksums.yaml +4 -4
- data/CHANGELOG.md +147 -83
- data/README.md +6 -2
- data/app/controllers/ru_captcha/captcha_controller.rb +4 -3
- data/config/locales/rucaptcha.en.yml +1 -1
- data/config/locales/rucaptcha.zh-CN.yml +1 -1
- data/config/locales/rucaptcha.zh-TW.yml +1 -1
- data/config/routes.rb +1 -1
- data/ext/rucaptcha/colors.h +265 -18
- data/ext/rucaptcha/extconf.rb +2 -2
- data/ext/rucaptcha/rucaptcha.c +172 -111
- data/lib/rucaptcha.rb +23 -24
- data/lib/rucaptcha/cache.rb +2 -1
- data/lib/rucaptcha/controller_helpers.rb +15 -17
- data/lib/rucaptcha/engine.rb +2 -2
- data/lib/rucaptcha/errors/configuration.rb +1 -1
- data/lib/rucaptcha/version.rb +1 -1
- data/lib/rucaptcha/view_helpers.rb +8 -8
- metadata +7 -7
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: e9d3d4dbd1dc22a2d97ed2d3d1fcc248621bbc97a90e0823c024244de9493c57
|
4
|
+
data.tar.gz: 2d430de72e74176b92b021bf4f0462ba8f73ba147e3522c47f554ee8f72d3e9f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: bc1c19827b035d8e50e4ce9c42d39f4df4ceff1682b1eacc866d69d3c61b4bf723b51705e1eb275880aa8b7161c7baeff6ca591b509528899c1097bd66381c65
|
7
|
+
data.tar.gz: 0174b9a8e99f194d51fc69126f3fe1d38292b863db10fbbf8a76f2a1843ff23f882871613edc67c946c88a29cd26b9f37b3fd73b11457128cc1e6c371f234b29
|
data/CHANGELOG.md
CHANGED
@@ -1,78 +1,115 @@
|
|
1
|
-
2.5.
|
2
|
-
|
1
|
+
## 2.5.5
|
2
|
+
|
3
|
+
- Improved image for thicker interference lines.
|
4
|
+
- Add more colors.
|
5
|
+
|
6
|
+
## 2.5.4
|
7
|
+
|
8
|
+
- Fix: rucaptcha input maxlength attribute with config value.
|
9
|
+
|
10
|
+
2.5.3
|
11
|
+
|
12
|
+
---
|
13
|
+
|
14
|
+
- Fix session invalid warning, only for development env;
|
15
|
+
|
16
|
+
2.5.2
|
17
|
+
|
18
|
+
---
|
19
|
+
|
20
|
+
- Fix session.id error with upgrade Rails 6.0.2.1 or Rack 2.0.8 (#84)
|
21
|
+
|
22
|
+
2.5.1
|
23
|
+
|
24
|
+
---
|
25
|
+
|
26
|
+
- Fix invalid module name error. (#78)
|
27
|
+
|
28
|
+
2.5.0
|
29
|
+
|
30
|
+
---
|
3
31
|
|
4
32
|
- Support click captcha image to refresh new one by default.
|
5
33
|
- Use simple tag helper generate captcha img html, for avoid asset_host (#73).
|
6
34
|
|
7
|
-
2.4.0
|
8
|
-
|
35
|
+
2.4.0
|
36
|
+
|
37
|
+
---
|
9
38
|
|
10
39
|
- Add skip_cache_store_check configuration. (#63)
|
11
40
|
- Fix for generate captcha with relative path, not url. (#58)
|
12
41
|
|
13
|
-
2.3.2
|
14
|
-
|
42
|
+
2.3.2
|
43
|
+
|
44
|
+
---
|
15
45
|
|
16
46
|
- Change Yellow and Green colors to Pink and Deep Purple to pass WCAG 2.0's contrast test. (#70)
|
17
47
|
|
18
|
-
2.3.1
|
19
|
-
|
48
|
+
2.3.1
|
49
|
+
|
50
|
+
---
|
20
51
|
|
21
52
|
- Fix #67 a y chars will invalid error (only in 2.3.0).
|
22
53
|
|
23
|
-
2.3.0
|
24
|
-
|
54
|
+
2.3.0
|
55
|
+
|
56
|
+
---
|
25
57
|
|
26
58
|
- Add `config.outline` for use outline style.
|
27
59
|
- Reduce colors down to 5 (red, blue, green, yellow and black).
|
28
60
|
|
29
|
-
2.2.0
|
30
|
-
|
61
|
+
2.2.0
|
62
|
+
|
63
|
+
---
|
31
64
|
|
32
65
|
- Add option `config.length` for support change number chars. (#57)
|
33
66
|
- Add option `config.strikethrough` for enable or disable strikethrough. (#57)
|
34
67
|
|
35
|
-
2.1.3
|
36
|
-
|
68
|
+
2.1.3
|
69
|
+
|
70
|
+
---
|
37
71
|
|
38
72
|
- Windows support fixed with `send_data` method. (#45)
|
39
73
|
|
40
|
-
2.1.2
|
41
|
-
|
74
|
+
2.1.2
|
75
|
+
|
76
|
+
---
|
42
77
|
|
43
78
|
- Do not change captcha when `HEAD /rucaptcha`.
|
44
79
|
|
45
|
-
2.1.1
|
46
|
-
|
80
|
+
2.1.1
|
81
|
+
|
82
|
+
---
|
47
83
|
|
48
84
|
- Mount engine use `prepend` method to get high priority in config/routes.rb.
|
49
85
|
|
50
|
-
2.1.0
|
51
|
-
|
86
|
+
2.1.0
|
87
|
+
|
88
|
+
---
|
52
89
|
|
53
90
|
- Mount Router by default, not need config now.
|
54
91
|
|
55
92
|
> IMPORTANT: Wen you upgrade this version, you need remove `mount RuCaptcha::Engine` line from your `config/routes.rb`
|
93
|
+
|
56
94
|
- Default use [:file_store, 'tmp/cache/rucaptcha/session'] as RuCaptcha.config.cache_store, now it can work without any configurations.
|
57
95
|
|
58
96
|
> NOTE: But you still need care about `config.cache_store` to setup on a right way.
|
59
97
|
|
60
|
-
|
61
|
-
|
62
|
-
2.0.3
|
63
|
-
-----
|
98
|
+
## 2.0.3
|
64
99
|
|
65
100
|
- Use `ActiveSupport.on_load` to extend ActionController and ActionView.
|
66
101
|
|
67
|
-
2.0.1
|
68
|
-
|
102
|
+
2.0.1
|
103
|
+
|
104
|
+
---
|
69
105
|
|
70
106
|
- Fix `/rucaptcha` path issue when `config.action_controller.asset_host` has setup with CDN url.
|
71
107
|
|
72
|
-
2.0.0
|
73
|
-
|
108
|
+
2.0.0
|
109
|
+
|
110
|
+
---
|
74
111
|
|
75
|
-
|
112
|
+
_Break Changes!_
|
76
113
|
|
77
114
|
WARNING!: This version have so many break changes!
|
78
115
|
|
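Review bot: The release headings in this CHANGELOG.md hunk now mix two Markdown styles: `## 2.5.5`, `## 2.5.4` and `## 2.0.3` are ATX headings, while 2.5.3 down to 2.1.0 and 2.0.1 keep the version line followed by a `---` underline. Suggest converting every release to the same form in this change, so that renderers and tools that extract release notes see one heading level throughout.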
@@ -81,29 +118,34 @@ WARNING!: This version have so many break changes!
|
|
81
118
|
- Remove `len`, `font_size`, `cache_limit` config key, no support now.
|
82
119
|
- Output `GIF` format.
|
83
120
|
|
84
|
-
1.2.0
|
85
|
-
|
121
|
+
1.2.0
|
122
|
+
|
123
|
+
---
|
86
124
|
|
87
125
|
- Add an `:keep_session` option for `verify_rucaptcha?` method to giva a way for let you keep session on verify, if true, RuCaptcha will not delete the captcha code session after validation.
|
88
126
|
|
89
|
-
1.1.4
|
90
|
-
|
127
|
+
1.1.4
|
128
|
+
|
129
|
+
---
|
91
130
|
|
92
131
|
- Fix #35 just give a warning message if not setup a right cache_store, only raise on :null_store.
|
93
132
|
|
94
|
-
1.1.2
|
95
|
-
|
133
|
+
1.1.2
|
134
|
+
|
135
|
+
---
|
96
136
|
|
97
137
|
- Fix #34 rucaptcha.root_url -> root_path, to avoid generate a http url in a https application.
|
98
138
|
- Fix spec to require Ruby 2.0.0, because there have a `Module#prepend` method called.
|
99
139
|
|
100
|
-
1.1.1
|
101
|
-
|
140
|
+
1.1.1
|
141
|
+
|
142
|
+
---
|
102
143
|
|
103
144
|
- Remove inspect log on verify_rucaptcha
|
104
145
|
|
105
|
-
1.1.0
|
106
|
-
|
146
|
+
1.1.0
|
147
|
+
|
148
|
+
---
|
107
149
|
|
108
150
|
- Add `cache_store` config key to setup a cache store location for RuCaptcha.
|
109
151
|
- Store captcha in custom cache store.
|
@@ -112,116 +154,136 @@ WARNING!: This version have so many break changes!
|
|
112
154
|
|
113
155
|
- Fix Session replay secure issue that when Rails application use CookieStore.
|
114
156
|
|
115
|
-
1.0.0
|
116
|
-
|
157
|
+
1.0.0
|
158
|
+
|
159
|
+
---
|
117
160
|
|
118
161
|
- Adjust to avoid lighter colors.
|
119
162
|
- Avoid continuous chars have same color.
|
120
163
|
- Use same color for each chars in :black_white mode.
|
121
164
|
|
122
|
-
0.5.1
|
123
|
-
|
165
|
+
0.5.1
|
166
|
+
|
167
|
+
---
|
124
168
|
|
125
169
|
- Make sure it will render image when ImageMagick stderr have warning messages. (#26)
|
126
170
|
|
127
|
-
0.5.0
|
128
|
-
|
171
|
+
0.5.0
|
172
|
+
|
173
|
+
---
|
129
174
|
|
130
175
|
- Fix cache with Rails 5.
|
131
176
|
|
132
|
-
0.4.5
|
133
|
-
|
177
|
+
0.4.5
|
178
|
+
|
179
|
+
---
|
134
180
|
|
135
181
|
- Removed `posix-spawn` dependency, used open3 instead (core funciontality), JRuby compatible (#24)
|
136
182
|
|
137
|
-
0.4.4
|
138
|
-
|
183
|
+
0.4.4
|
184
|
+
|
185
|
+
---
|
139
186
|
|
140
187
|
- Remove deprecated `width`, `height` config.
|
141
188
|
- Delete session key after verify (#23).
|
142
189
|
- Lighter text color, improve style.
|
143
190
|
|
144
|
-
0.4.2
|
145
|
-
|
191
|
+
0.4.2
|
192
|
+
|
193
|
+
---
|
146
194
|
|
147
195
|
- Fix NoMethodError bug when params[:_rucaptha] is nil.
|
148
196
|
|
149
|
-
0.4.1
|
150
|
-
|
197
|
+
0.4.1
|
198
|
+
|
199
|
+
---
|
151
200
|
|
152
201
|
- Add error message to resource when captcha code expired.
|
153
202
|
|
154
|
-
0.4.0
|
155
|
-
|
203
|
+
0.4.0
|
204
|
+
|
205
|
+
---
|
156
206
|
|
157
207
|
- Add `config.colorize` option, to allow use black text theme.
|
158
208
|
|
159
|
-
0.3.3
|
160
|
-
|
209
|
+
0.3.3
|
210
|
+
|
211
|
+
---
|
161
212
|
|
162
213
|
- Add `config.expires_in` to allow change captcha code expire time.
|
163
214
|
|
164
|
-
0.3.2.1
|
165
|
-
|
215
|
+
0.3.2.1
|
216
|
+
|
217
|
+
---
|
166
218
|
|
167
219
|
- Add Windows development env support.
|
168
220
|
|
169
|
-
0.3.2
|
170
|
-
|
221
|
+
0.3.2
|
222
|
+
|
223
|
+
---
|
171
224
|
|
172
225
|
- Make better render positions;
|
173
226
|
- Trim blank space.
|
174
227
|
|
175
|
-
0.3.1
|
176
|
-
|
228
|
+
0.3.1
|
229
|
+
|
230
|
+
---
|
177
231
|
|
178
232
|
- More complex Image render: compact text, strong lines, +/-5 rotate...
|
179
233
|
- [DEPRECATION] config.width, config.height removed, use config.font_size.
|
180
234
|
- Fix the render position in difference font sizes.
|
181
235
|
- Fix input field type, and disable autocorrect, autocapitalize, and limit maxlength with char length;
|
182
236
|
|
183
|
-
0.2.5
|
184
|
-
|
237
|
+
0.2.5
|
238
|
+
|
239
|
+
---
|
185
240
|
|
186
241
|
- Add `session[:_rucaptcha]` expire time, for protect Rails CookieSession Replay Attack.
|
187
242
|
- Captcha input field disable autocomplete, and set field type as `email` for shown correct keyboard on mobile view.
|
188
243
|
|
189
|
-
0.2.3
|
190
|
-
|
244
|
+
0.2.3
|
245
|
+
|
246
|
+
---
|
191
247
|
|
192
248
|
- It will raise error when call ImageMagick failed.
|
193
249
|
|
194
|
-
0.2.2
|
195
|
-
|
250
|
+
0.2.2
|
251
|
+
|
252
|
+
---
|
196
253
|
|
197
254
|
- Added locale for pt-BR language; @ramirovjr
|
198
255
|
|
199
|
-
0.2.1
|
200
|
-
|
256
|
+
0.2.1
|
257
|
+
|
258
|
+
---
|
201
259
|
|
202
260
|
- Fix issue when cache dir not exist.
|
203
261
|
|
204
|
-
0.2.0
|
205
|
-
|
262
|
+
0.2.0
|
263
|
+
|
264
|
+
---
|
206
265
|
|
207
266
|
- Added file cache, can setup how many images you want generate by `config.cache_limit`,
|
208
267
|
RuCaptcha will use cache for next requests.
|
209
268
|
When you restart Rails processes it will generate new again and clean the old caches.
|
210
269
|
|
211
|
-
0.1.4
|
212
|
-
|
270
|
+
0.1.4
|
271
|
+
|
272
|
+
---
|
213
273
|
|
214
274
|
- Fix `verify_rucaptcha?` logic in somecase.
|
215
275
|
- Locales fixed.
|
216
276
|
|
217
|
-
0.1.3
|
218
|
-
|
277
|
+
0.1.3
|
278
|
+
|
279
|
+
---
|
219
280
|
|
220
281
|
- `zh-TW` translate file fixed.
|
221
282
|
- Use xxx_url to fix bad captcha URL for `config.action_controller.asset_host` enabled case.
|
222
283
|
|
223
|
-
0.1.2
|
224
|
-
|
284
|
+
0.1.2
|
285
|
+
|
286
|
+
---
|
225
287
|
|
226
288
|
- No case sensitive;
|
227
289
|
- Export config.implode;
|
@@ -229,12 +291,14 @@ WARNING!: This version have so many break changes!
|
|
229
291
|
- Don't generate chars in 'l,o,0,1'.
|
230
292
|
- Render lower case chars on image.
|
231
293
|
|
232
|
-
0.1.1
|
233
|
-
|
294
|
+
0.1.1
|
295
|
+
|
296
|
+
---
|
234
297
|
|
235
298
|
- Include default validation I18n messages (en, zh-CN, zh-TW).
|
236
299
|
|
237
|
-
0.1.0
|
238
|
-
|
300
|
+
0.1.0
|
301
|
+
|
302
|
+
---
|
239
303
|
|
240
304
|
- First release.
|
data/README.md
CHANGED
@@ -1,10 +1,13 @@
|
|
1
1
|
# RuCaptcha
|
2
2
|
|
3
3
|
[![Gem Version](https://badge.fury.io/rb/rucaptcha.svg)](https://badge.fury.io/rb/rucaptcha)
|
4
|
-
[![
|
4
|
+
[![build](https://github.com/huacnlee/rucaptcha/workflows/build/badge.svg)](https://github.com/huacnlee/rucaptcha/actions?query=workflow%3Abuild)
|
5
5
|
|
6
6
|
This is a Captcha gem for Rails Applications which generates captcha image by C code.
|
7
7
|
|
8
|
+
> NOTE: According to the use of Ruby China, the verification code looks like has a lower than 5% probability of being parsed by OCR and the verification code is cracked. It is recommended that you use the IP rate limit to enhance the protection.
|
9
|
+
> NOTE: 以 Ruby China 的使用来看,验证码似乎有低于 5% 的概率被 OCR 读取解析导致验证码被破解(我们从日志分析绝大多数是成功的,但偶尔一个成功,配合大量机器攻击,导致注册了很多的垃圾账号),建议你额外配合 IP 频率限制的功能来加强保护。
|
10
|
+
|
8
11
|
[中文介绍和使用说明](https://ruby-china.org/topics/27832)
|
9
12
|
|
10
13
|
## Example
|
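Review bot: The added English NOTE in README.md is hard to parse ("looks like has a lower than 5% probability of being parsed by OCR and the verification code is cracked") and says less than the Chinese NOTE beside it, which adds that the figure comes from log analysis and that occasional OCR successes under high-volume automated attempts led to many spam registrations. Suggest rewording the English line to carry the same information, and, since it tells users to add IP rate limiting, saying which requests the limit should cover. The README shown here gives no pointer for that.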
@@ -47,7 +50,7 @@ RuCaptcha.configure do
|
|
47
50
|
# self.length = 5
|
48
51
|
# enable/disable Strikethrough.
|
49
52
|
# self.strikethrough = true
|
50
|
-
# enable/disable Outline style
|
53
|
+
# enable/disable Outline style
|
51
54
|
# self.outline = false
|
52
55
|
end
|
53
56
|
```
|
@@ -61,6 +64,7 @@ RuCaptcha 没有使用 Rails Session 来存储验证码信息,因为 Rails 的
|
|
61
64
|
所以,我建议大家使用的时候,配置上 `cache_store` (详见 [Rails Guides 缓存配置部分](https://ruby-china.github.io/rails-guides/caching_with_rails.html#%E9%85%8D%E7%BD%AE)的文档)到一个 Memcached 或 Redis,这才是最佳实践。
|
62
65
|
|
63
66
|
#
|
67
|
+
|
64
68
|
(RuCaptha do not use Rails Session to store captcha information. As the default session is stored in Cookie in Rails, there's a [Replay attack](https://en.wikipedia.org/wiki/Replay_attack) bug which may causes capthcha being destroyed if we store captcha in Rails Session.
|
65
69
|
|
66
70
|
So in my design I require RuCaptcha to configure a distributed backend storage scheme, such as Memcached, Redis or other cache_store schemes which support distribution.
|
@@ -2,10 +2,11 @@ module RuCaptcha
|
|
2
2
|
class CaptchaController < ActionController::Base
|
3
3
|
def index
|
4
4
|
return head :ok if request.head?
|
5
|
-
|
6
|
-
headers[
|
5
|
+
|
6
|
+
headers["Cache-Control"] = "no-cache, no-store, max-age=0, must-revalidate"
|
7
|
+
headers["Pragma"] = "no-cache"
|
7
8
|
data = generate_rucaptcha
|
8
|
-
opts = { disposition:
|
9
|
+
opts = { disposition: "inline", type: "image/gif" }
|
9
10
|
send_data data, opts
|
10
11
|
end
|
11
12
|
end
|
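Review bot: In `index`, the new `Cache-Control` and `Pragma` assignments sit below `return head :ok if request.head?`, so a HEAD response on the captcha route goes out without the no-store directives. Suggest moving the two `headers[...]` lines above the early return so both verbs carry them. The removed `headers[` line is cut off in this view, so it is also worth confirming that nothing it previously set has been dropped.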