RubyGems - rucaptcha - Versions diffs - 2.5.0 → 2.5.5 - Mend

rucaptcha 2.5.0 → 2.5.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (19) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +147 -83
data/README.md +6 -2
data/app/controllers/ru_captcha/captcha_controller.rb +4 -3
data/config/locales/rucaptcha.en.yml +1 -1
data/config/locales/rucaptcha.zh-CN.yml +1 -1
data/config/locales/rucaptcha.zh-TW.yml +1 -1
data/config/routes.rb +1 -1
data/ext/rucaptcha/colors.h +265 -18
data/ext/rucaptcha/extconf.rb +2 -2
data/ext/rucaptcha/rucaptcha.c +172 -111
data/lib/rucaptcha.rb +23 -24
data/lib/rucaptcha/cache.rb +2 -1
data/lib/rucaptcha/controller_helpers.rb +15 -17
data/lib/rucaptcha/engine.rb +2 -2
data/lib/rucaptcha/errors/configuration.rb +1 -1
data/lib/rucaptcha/version.rb +1 -1
data/lib/rucaptcha/view_helpers.rb +8 -8
metadata +7 -7

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5a58f20f1ef6086b65e9757fe604e55139a56f44176e4ea46894b8710665d9b5
-  data.tar.gz: 9442b66aa703b5d1837cb573188f77bd24f15b175be88fc6d6bc8409134de186
+  metadata.gz: e9d3d4dbd1dc22a2d97ed2d3d1fcc248621bbc97a90e0823c024244de9493c57
+  data.tar.gz: 2d430de72e74176b92b021bf4f0462ba8f73ba147e3522c47f554ee8f72d3e9f
 SHA512:
-  metadata.gz: '0830fbcb86e8a03ab8eda20bcb1256daf86a4c6c57627c56899b7f17c7e8eb7144d2ac434e2e2b6301e7b9767445fe1a9611a752bd3836039b454fbabe9d81c8'
-  data.tar.gz: f9e747a5adfc9388cb6c45d23088c6f374e45a0fd5d621d1b0dc0f35c3fb08469dc641ceb120a9068cb2aee7a738e22e18d81b61861c196d22f1e80a374d488b
+  metadata.gz: bc1c19827b035d8e50e4ce9c42d39f4df4ceff1682b1eacc866d69d3c61b4bf723b51705e1eb275880aa8b7161c7baeff6ca591b509528899c1097bd66381c65
+  data.tar.gz: 0174b9a8e99f194d51fc69126f3fe1d38292b863db10fbbf8a76f2a1843ff23f882871613edc67c946c88a29cd26b9f37b3fd73b11457128cc1e6c371f234b29

data/CHANGELOG.md CHANGED

@@ -1,78 +1,115 @@
-2.5.0
--------
+## 2.5.5
+- Improved image for thicker interference lines.
+- Add more colors.
+## 2.5.4
+- Fix: rucaptcha input maxlength attribute with config value.
+  2.5.3
+---
+- Fix session invalid warning, only for development env;
+  2.5.2
+---
+- Fix session.id error with upgrade Rails 6.0.2.1 or Rack 2.0.8 (#84)
+  2.5.1
+---
+- Fix invalid module name error. (#78)
+  2.5.0
+---
 - Support click captcha image to refresh new one by default.
 - Use simple tag helper generate captcha img html, for avoid asset_host (#73).
-2.4.0
--------
+  2.4.0
+---
 - Add skip_cache_store_check configuration. (#63)
 - Fix for generate captcha with relative path, not url. (#58)
-2.3.2
--------
+  2.3.2
+---
 - Change Yellow and Green colors to Pink and Deep Purple to pass WCAG 2.0's contrast test. (#70)
-2.3.1
--------
+  2.3.1
+---
 - Fix #67 a y chars will invalid error (only in 2.3.0).
-2.3.0
--------
+  2.3.0
+---
 - Add `config.outline` for use outline style.
 - Reduce colors down to 5 (red, blue, green, yellow and black).
-2.2.0
------
+  2.2.0
+---
 - Add option `config.length` for support change number chars. (#57)
 - Add option `config.strikethrough` for enable or disable strikethrough. (#57)
-2.1.3
------
+  2.1.3
+---
 - Windows support fixed with `send_data` method. (#45)
-2.1.2
------
+  2.1.2
+---
 - Do not change captcha when `HEAD /rucaptcha`.
-2.1.1
------
+  2.1.1
+---
 - Mount engine use `prepend` method to get high priority in config/routes.rb.
-2.1.0
------
+  2.1.0
+---
 - Mount Router by default, not need config now.
   > IMPORTANT: Wen you upgrade this version, you need remove `mount RuCaptcha::Engine` line from your `config/routes.rb`
 - Default use [:file_store, 'tmp/cache/rucaptcha/session'] as RuCaptcha.config.cache_store, now it can work without any configurations.
 > NOTE: But you still need care about `config.cache_store` to setup on a right way.
-2.0.3
------
+## 2.0.3
 - Use `ActiveSupport.on_load` to extend ActionController and ActionView.
-2.0.1
------
+  2.0.1
+---
 - Fix `/rucaptcha` path issue when `config.action_controller.asset_host` has setup with CDN url.
-2.0.0
------
+  2.0.0
+---
-*Break Changes!*
+_Break Changes!_
 WARNING!: This version have so many break changes!
@@ -81,29 +118,34 @@ WARNING!: This version have so many break changes!
 - Remove `len`, `font_size`, `cache_limit` config key, no support now.
 - Output `GIF` format.
-1.2.0
------
+  1.2.0
+---
 - Add an `:keep_session` option for `verify_rucaptcha?` method to giva a way for let you keep session on verify, if true, RuCaptcha will not delete the captcha code session after validation.
-1.1.4
------
+  1.1.4
+---
 - Fix #35 just give a warning message if not setup a right cache_store, only raise on :null_store.
-1.1.2
------
+  1.1.2
+---
 - Fix #34 rucaptcha.root_url -> root_path, to avoid generate a http url in a https application.
 - Fix spec to require Ruby 2.0.0, because there have a `Module#prepend` method called.
-1.1.1
------
+  1.1.1
+---
 - Remove inspect log on verify_rucaptcha
-1.1.0
------
+  1.1.0
+---
 - Add `cache_store` config key to setup a cache store location for RuCaptcha.
 - Store captcha in custom cache store.
@@ -112,116 +154,136 @@ WARNING!: This version have so many break changes!
 - Fix Session replay secure issue that when Rails application use CookieStore.
-1.0.0
------
+  1.0.0
+---
 - Adjust to avoid lighter colors.
 - Avoid continuous chars have same color.
 - Use same color for each chars in :black_white mode.
-0.5.1
------
+  0.5.1
+---
 - Make sure it will render image when ImageMagick stderr have warning messages. (#26)
-0.5.0
------
+  0.5.0
+---
 - Fix cache with Rails 5.
-0.4.5
------
+  0.4.5
+---
 - Removed `posix-spawn` dependency, used open3 instead (core funciontality), JRuby compatible (#24)
-0.4.4
------
+  0.4.4
+---
 - Remove deprecated `width`, `height` config.
 - Delete session key after verify (#23).
 - Lighter text color, improve style.
-0.4.2
------
+  0.4.2
+---
 - Fix NoMethodError bug when params[:_rucaptha] is nil.
-0.4.1
------
+  0.4.1
+---
 - Add error message to resource when captcha code expired.
-0.4.0
------
+  0.4.0
+---
 - Add `config.colorize` option, to allow use black text theme.
-0.3.3
------
+  0.3.3
+---
 - Add `config.expires_in` to allow change captcha code expire time.
-0.3.2.1
--------
+  0.3.2.1
+---
 - Add Windows development env support.
-0.3.2
------
+  0.3.2
+---
 - Make better render positions;
 - Trim blank space.
-0.3.1
------
+  0.3.1
+---
 - More complex Image render: compact text, strong lines, +/-5 rotate...
 - [DEPRECATION] config.width, config.height removed, use config.font_size.
 - Fix the render position in difference font sizes.
 - Fix input field type, and disable autocorrect, autocapitalize, and limit maxlength with char length;
-0.2.5
------
+  0.2.5
+---
 - Add `session[:_rucaptcha]` expire time, for protect Rails CookieSession Replay Attack.
 - Captcha input field disable autocomplete, and set field type as `email` for shown correct keyboard on mobile view.
-0.2.3
------
+  0.2.3
+---
 - It will raise error when call ImageMagick failed.
-0.2.2
------
+  0.2.2
+---
 - Added locale for pt-BR language; @ramirovjr
-0.2.1
------
+  0.2.1
+---
 - Fix issue when cache dir not exist.
-0.2.0
------
+  0.2.0
+---
 - Added file cache, can setup how many images you want generate by `config.cache_limit`,
   RuCaptcha will use cache for next requests.
   When you restart Rails processes it will generate new again and clean the old caches.
-0.1.4
------
+  0.1.4
+---
 - Fix `verify_rucaptcha?` logic in somecase.
 - Locales fixed.
-0.1.3
------
+  0.1.3
+---
 - `zh-TW` translate file fixed.
 - Use xxx_url to fix bad captcha URL for `config.action_controller.asset_host` enabled case.
-0.1.2
------
+  0.1.2
+---
 - No case sensitive;
 - Export config.implode;
@@ -229,12 +291,14 @@ WARNING!: This version have so many break changes!
 - Don't generate chars in 'l,o,0,1'.
 - Render lower case chars on image.
-0.1.1
------
+  0.1.1
+---
 - Include default validation I18n messages (en, zh-CN, zh-TW).
-0.1.0
------
+  0.1.0
+---
 - First release.

data/README.md CHANGED

@@ -1,10 +1,13 @@
 # RuCaptcha
 [![Gem Version](https://badge.fury.io/rb/rucaptcha.svg)](https://badge.fury.io/rb/rucaptcha)
-[![Build Status](https://travis-ci.org/huacnlee/rucaptcha.svg)](https://travis-ci.org/huacnlee/rucaptcha)
+[![build](https://github.com/huacnlee/rucaptcha/workflows/build/badge.svg)](https://github.com/huacnlee/rucaptcha/actions?query=workflow%3Abuild)
 This is a Captcha gem for Rails Applications which generates captcha image by C code.
+> NOTE: According to the use of Ruby China, the verification code looks like has a lower than 5% probability of being parsed by OCR and the verification code is cracked. It is recommended that you use the IP rate limit to enhance the protection.
+> NOTE: 以 Ruby China 的使用来看，验证码似乎有低于 5% 的概率被 OCR 读取解析导致验证码被破解（我们从日志分析绝大多数是成功的，但偶尔一个成功，配合大量机器攻击，导致注册了很多的垃圾账号），建议你额外配合 IP 频率限制的功能来加强保护。
 [中文介绍和使用说明](https://ruby-china.org/topics/27832)
 ## Example
@@ -47,7 +50,7 @@ RuCaptcha.configure do
   # self.length = 5
   # enable/disable Strikethrough.
   # self.strikethrough = true
-  # enable/disable Outline style, for hard mode
+  # enable/disable Outline style
   # self.outline = false
 end
 ```
@@ -61,6 +64,7 @@ RuCaptcha 没有使用 Rails Session 来存储验证码信息，因为 Rails 的
 所以，我建议大家使用的时候，配置上 `cache_store` （详见 [Rails Guides 缓存配置部分](https://ruby-china.github.io/rails-guides/caching_with_rails.html#%E9%85%8D%E7%BD%AE)的文档）到一个 Memcached 或 Redis，这才是最佳实践。
 #
 (RuCaptha do not use Rails Session to store captcha information. As the default session is stored in Cookie in Rails, there's a [Replay attack](https://en.wikipedia.org/wiki/Replay_attack) bug which may causes capthcha being destroyed if we store captcha in Rails Session.
 So in my design I require RuCaptcha to configure a distributed backend storage scheme, such as Memcached, Redis or other cache_store schemes which support distribution.

data/app/controllers/ru_captcha/captcha_controller.rb CHANGED

@@ -2,10 +2,11 @@ module RuCaptcha
   class CaptchaController < ActionController::Base
     def index
       return head :ok if request.head?
-      headers['Cache-Control'] = 'no-cache, no-store, max-age=0, must-revalidate'
-      headers['Pragma'] = 'no-cache'
+      headers["Cache-Control"] = "no-cache, no-store, max-age=0, must-revalidate"
+      headers["Pragma"] = "no-cache"
       data = generate_rucaptcha
-      opts = { disposition: 'inline', type: 'image/gif' }
+      opts = { disposition: "inline", type: "image/gif" }
       send_data data, opts
     end
   end

data/config/locales/rucaptcha.en.yml CHANGED

@@ -1,3 +1,3 @@
 en:
   rucaptcha:
-    invalid: "Captcha invalid!"
+    invalid: "The captcha code is incorrect (if you can't read, you can click image to refresh it)"

data/config/locales/rucaptcha.zh-CN.yml CHANGED

@@ -1,3 +1,3 @@
 'zh-CN':
   rucaptcha:
-    invalid: "验证码不正确"
+    invalid: "验证码不正确（如无法识别，可以点击刷新验证码）"