RubyGems - rucaptcha - Versions diffs - 0.2.3 → 0.2.5 - Mend

rucaptcha 0.2.3 → 0.2.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +6 -0
data/lib/rucaptcha/controller_helpers.rb +9 -1
data/lib/rucaptcha/version.rb +1 -1
data/lib/rucaptcha/view_helpers.rb +2 -0
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: d09e398b9cff324f96e3a24709509f5c8131b01e
-  data.tar.gz: 801d27ee2ad5eca42265d1d1b88f2cced13ec832
+  metadata.gz: 83dddcf03d3e8acd1121b05f1336d520dc5af592
+  data.tar.gz: 68308146916e90db9ff32b4f02906988528812b2
 SHA512:
-  metadata.gz: e72e2878241245b06ac94d3ab3aa8023c1376c2f7913fd2a9e02f9001ec0207a660365da6bb31922ef92e0c5c7ee608f85aba628a2316fb1ba2b1b9f49f8a2c5
-  data.tar.gz: 284fcd0c6c6bbc54122386642e8fa77bc8a2613616c7d6f2992ff08de55a525d621ea6539417969a0c200e0a9fadbbcc63467acfd9329c113fcc7769d885cd9f
+  metadata.gz: b79383bab6530fb996518f8faa08e67fae2bb8c43de138a5e874ebe4866a5df7e901ea7a5e4475eb50b6d060d2e61470b18d3add84fbe336f0e9184762a1b2dc
+  data.tar.gz: 7d43f1c0416454ebbc8bc19c012e90712d41acae249a77c59eaec6be1a02a4eff4c45e3f2940e22c035d8d5193351c7a11b18d2331c0b52bbc3ed87eb175a49f

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,9 @@
+0.2.5
+-----
+- Add `session[:_rucaptcha]` expire time, for protect Rails CookieSession Replay Attack.
+- Captcha input field disable autocomplete, and set field type as `email` for shown correct keyboard on mobile view.
 0.2.3
 -----

data/lib/rucaptcha/controller_helpers.rb CHANGED Viewed

@@ -7,11 +7,19 @@ module RuCaptcha
     end
     def generate_rucaptcha
-      session[:_rucaptcha] = RuCaptcha::Captcha.random_chars
+      session[:_rucaptcha]   = RuCaptcha::Captcha.random_chars
+      session[:_rucaptcha_at] = Time.now.to_i
       RuCaptcha::Captcha.create(session[:_rucaptcha])
     end
     def verify_rucaptcha?(resource = nil)
+      rucaptcha_at = session[:_rucaptcha_at].to_i
+      # Captcha chars in Session expire in 2 minutes
+      if rucaptcha_at.blank? || (Time.now.to_i - rucaptcha_at) > 120
+        return false
+      end
       right = params[:_rucaptcha].present? && session[:_rucaptcha].present? &&
               params[:_rucaptcha].downcase.strip == session[:_rucaptcha]
       if resource && resource.respond_to?(:errors)

data/lib/rucaptcha/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module RuCaptcha
-  VERSION = '0.2.3'
+  VERSION = '0.2.5'
 end

data/lib/rucaptcha/view_helpers.rb CHANGED Viewed

@@ -2,6 +2,8 @@ module RuCaptcha
   module ViewHelpers
     def rucaptcha_input_tag(opts = {})
       opts[:name] = '_rucaptcha'
+      opts[:type] = 'email'
+      opts[:autocomplete] = 'off'
       tag(:input, opts)
     end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rucaptcha
 version: !ruby/object:Gem::Version
-  version: 0.2.3
+  version: 0.2.5
 platform: ruby
 authors:
 - Jason Lee