spambust 0.1.1 → 0.1.2

checksums.yaml

@@ -1,15 +1,15 @@
 ---
 !binary "U0hBMQ==":
   metadata.gz: !binary |-
-    NTk2ZWQ3NDRhM2Y4ZTExYTYzMzcyYmU0NDdlNjc0MTYwZDFlZDFkNA==
+    NjQ1MDVhMzViYzFiMzFmNjA1OTU3NjM0ZjllNjJhM2IzZjFlNjc5Nw==
   data.tar.gz: !binary |-
-    ZGNiOWU4ODM5MjViOWZhNWQ5ZDdmYjI0MTBjYzAzYjRkZDIwNGM0ZQ==
+    ZmJkZjFhNmQ1NzJjNjZjY2RjMDU5MDdlMzA3YzdiYTk2NGQ4NDM1OQ==
 SHA512:
   metadata.gz: !binary |-
-    ZGIwMzYzMjA3NjIxODkwNzE5MjQ5YTRhZWE3YmU5YjA4ZDAyMjhhYWVmZGZi
-    NDQ4ZDk0MjNlYmQwYTdkYzU5ZjNhY2YwNGM3MmZiOTY1NmU2NWI3NTQ2ZmRj
-    ODhhNzNkZTllYjdiZjZlOTBlMDc1MDU1NTU1OTg5OTAxOWZiZGI=
+    MzY3MzE3YmVlZjE3OGRjMTY3YzEzMDg3Y2VjNjI1YTM5MzYwZWEwOWJjNWYw
+    OGM4NmIxOTc1NzNlNjE3ZDVjOGJiYjM3NzY5MGFmOTQ4M2FmNzgwNmIxZDQ4
+    MGJiZTkzNTQ0OTFlZjY5ZGYzMzg4OTQwNjExMGNlZjczMDVkMzg=
   data.tar.gz: !binary |-
-    NzMyYzRlY2QzOWE4MDg4NDA5NTM0YmQ2OTc3YWU2YzZkN2Y4NzQ3NmNiYzlj
-    YzFmYWYwNWQ2YTk3ZmQxMDYzYWQ0YzJjYmJiNzQ1NDk0NTZiMzZjODY5OWZj
-    NDcyNGE4MWNiNzk0ZGZlYWMxZDM3N2QzZWQ3M2QyZjRhM2FjMDA=
+    OThkNjc2NjY1MDBjZjVhZmJkNDNhYzNmYTQ1Y2M4MjE4OTVkOWZhNzVhNmE2
+    MjdiYTJhYWViZjJmODQ5NWNlNWQwZmU2MWNjZWViZTM2N2VjYTEzMjQyM2Ux
+    OGFmNTcxZTI1Mzk3NmY5MjgxMGE3MTM5MDA1YjA0YWJkZDZkZDY=

data/README.md

@@ -1,8 +1,110 @@
+[![Build Status](https://secure.travis-ci.org/chiku/spambust.png?branch=master)](https://travis-ci.org/chiku/spambust)
+
 spambust
-=======
+========
+
+Overview
+--------
+
+Prevent spams bots from attacking your website.
+
+Dependencies
+------------
+
+These are no runtime dependencies for this gem.
+
+Installation
+------------
+
+``` script
+gem install spambust
+```
+
+Usage
+------
+
+*app.rb*
+
+``` ruby
+class TestApp < Sinatra::Base
+  helpers Spambust::FormHelpers
+
+  class << self
+    def start_app
+      run!
+    end
+
+    def direct_script_execution?
+      app_file == $0
+    end
+  end
+
+  get "/" do
+    erb :index, :locals => { :result => "..." }
+  end
+
+  post '/' do
+    result = valid?("user", params) ? "Users is #{decrypt("user", params)}" : "Faking is bad"
+    erb :index, :locals => { :result => result }
+  end
+
+  start_app if direct_script_execution? && ENV["environment"] != "test"
+end
+```
+
+*index.erb*
+
+``` erb
+<html>
+   <head>
+      <title>Sample Sinatra application</title>
+    </head>
+    <body>
+      <div id="result"><%= result %></div>
+
+      <form method="post" action="/">
+        <label for="user-first-name">First name</label>
+        <%= input ["user", "first_name"], :id => "user-first-name" %>
+
+        <label for="user-last-name">Last name</label>
+        <%= input ["user", "last_name"], :id => "user-last-name" %>
+
+        <label for="user-email">Email</label>
+        <%= input ["user", "email"], :size => 40, :id => "user-email" %>
+
+        <%= submit "Create account", :id => "user-submit" %>
+      </form>
+   </body>
+</html>
+```
+
+*output*
+
+``` html
+<input type="text" name="ee11cbb19052e40b07aac0ca060c23ee[2a034e9d9e2601c21191cca53760eaaf]" id="user-first-name" />
+<input type="hidden" name="user[first_name]" />
+```
+
+How does it work?
+-----------------
+
+The server will render obfustated input tags for the user to fill. The input tags for the user will be hidden. A spam bot would see the input tags will meaningful names and fill it in. The server will figure out that this response came from a bot and take approriate action.
+
+Running tests
+-------------
+
+Clone the repository and run `rake` from the root directory.
+
+Contributing
+------------
+
+* Fork the project.
+* Make your feature addition or bug fix.
+* Add tests for it. This is important so I don't break it in a future version unintentionally.
+* Commit, but do not mess with the VERSION. If you want to have your own version, that is fine but bump the version in a commit by itself in another branch so I can ignore it when I pull.
+* Send me a pull request.
 
-Sinatra form helper to reduce spams
+License
+-------
 
-Render input tags with a masked name. The input tags with proper tags are hidden.
-We expect a spam bot to fill the incorrect input tags. The server would pick the spam bot
-and respond accordingly.
+This gem is released under the MIT license. Please refer to LICENSE for more details.

data/lib/spambust/form_helpers.rb

@@ -1,7 +1,80 @@
 require "digest/md5"
 
+# form_helper.rb
+#
+# Author::    Chirantan Mitra
+# Copyright:: Copyright (c) 2013. All rights reserved
+# License::   MIT
+#
+
 module Spambust
+  # This module provides form helpers for sinatra or alike DSLs/frameworks to test for spams
+  #
+  # Example:
+  #  class TestApp < Sinatra::Base
+  #    helpers Spambust::FormHelpers
+  #
+  #    class << self
+  #      def start_app
+  #        run!
+  #      end
+  #
+  #      def direct_script_execution?
+  #        app_file == $0
+  #      end
+  #    end
+  #
+  #    get "/" do
+  #      erb :index, :locals => { :result => "..." }
+  #    end
+  #
+  #    post '/' do
+  #      result = valid?("user", params) ? "Users is #{decrypt("user", params)}" : "Faking is bad"
+  #      erb :index, :locals => { :result => result }
+  #    end
+  #
+  #    start_app if direct_script_execution? && ENV["environment"] != "test"
+  #  end
+  #
+  #  index.erb
+  #
+  #  <html>
+  #     <head>
+  #        <title>Sample Sinatra application</title>
+  #      </head>
+  #      <body>
+  #        <div id="result"><%= result %></div>
+  #
+  #        <form method="post" action="/">
+  #          <label for="user-first-name">First name</label>
+  #          <%= input ["user", "first_name"], :id => "user-first-name" %>
+  #
+  #          <label for="user-last-name">Last name</label>
+  #          <%= input ["user", "last_name"], :id => "user-last-name" %>
+  #
+  #          <label for="user-email">Email</label>
+  #          <%= input ["user", "email"], :size => 40, :id => "user-email" %>
+  #
+  #          <%= submit "Create account", :id => "user-submit" %>
+  #        </form>
+  #     </body>
+  #  </html>
+
   module FormHelpers
+    # Returns obfustated input tags together with its fake hidden input tags
+    #
+    #  Use inside your templates to generate an obfuscated input field. This is the field that the server will use.
+    #  If the server sees that fields with original names (which are hidden) are filled, the server should assume
+    #  it be be a spam. It also accepts options for input type and other CSS properties.
+    #
+    #  input(["user", "name"])
+    #  # => <input type="text" name="#{user_md5}[#{name_md5}]" /><input type="hidden" name="user[name]" />
+    #
+    #  input(["user", "name"], :type => "password")
+    #  # => <input type="password" name="#{user_md5}[#{name_md5}]" /><input type="hidden" name="user[name]" />
+    #
+    #  input(["user", "name"], :id => "name", :class => "name")
+    #  # => <input type="text" name="#{user_md5}[#{name_md5}]" id="name" class="name" /><input type="hidden" name="user[name]" class="name" />
     def input(paths, options = {})
       type               = options.delete(:type) || "text"
       options_without_id = options.select { |key, value| key != :id }
@@ -11,17 +84,32 @@ module Spambust
       %Q(<input type="#{type}" name="#{namify digested_paths}"#{others} /><input type="hidden" name="#{namify paths}"#{others_without_id} />)
     end
 
+    # Returns submit tags
+    #
+    #  Use inside your templates to generate a submit tag.
+    #  It also accepts options for CSS properties.
+    #
+    #  submit("Submit")
+    #  # => <input type="submit" value="Submit" />
+    #
+    #  submit("Submit", :id => "submit", :class => "submit")
+    #  # => <input type="submit" value="Submit" id="submit" class="submit" />
     def submit(text, options = {})
       others = hash_to_options(options)
       %Q(<input type="submit" value="#{text}"#{others} />)
     end
 
-    def namify(paths)
+    def namify(paths) # :nodoc:
       first = paths[0]
       rest  = paths[1..-1].reduce("") { |acc, path| acc << "[#{path}]" }
       "#{first}#{rest}"
     end
 
+    # Returns decrypted hash of user submitted POST parameters
+    #
+    #  Use inside your application.
+    #
+    #  decrypt("user", params)
     def decrypt(lookup, global)
       fake = global[lookup] || {}
       hashed_lookup = Digest::MD5.hexdigest(lookup)
@@ -33,12 +121,17 @@ module Spambust
       end
     end
 
+    # Returns if any POST data was present in the fake input fields
+    #
+    #  Use inside your application.
+    #
+    #  valid?("user", params)
     def valid?(lookup, global)
       fake = global[lookup] || {}
       fake.none? { |key, value| value != "" }
     end
 
-    def hash_to_options(hash)
+    def hash_to_options(hash) # :nodoc:
       hash.reduce("") { |acc, (key, value)| acc << %Q( #{key}="#{value}") }
     end
     private :hash_to_options

data/lib/spambust/version.rb

@@ -1,3 +1,3 @@
 module Spambust
-  VERSION="0.1.1"
+  VERSION = "0.1.2" # :nodoc:
 end

data/spec/spambust/demo_app.rb

@@ -1,3 +1,5 @@
+#!/usr/bin/env ruby
+
 require "sinatra"
 require File.expand_path "../../lib/spambust/form_helpers", File.dirname(__FILE__)
 
@@ -16,12 +18,12 @@ module Spambust
     end
 
     get "/" do
-      erb :index
+      erb :index, :locals => { :result => "..." }
     end
 
     post '/' do
-      @result = valid?("user", params) ? "Users is #{decrypt("user", params)}" : "Faking is bad"
-      erb :index
+      result = valid?("user", params) ? "Users is #{decrypt("user", params)}" : "Faking is bad"
+      erb :index, :locals => { :result => result }
     end
 
     start_app if direct_script_execution? && ENV["environment"] != "test"

data/spec/spambust/form_helpers_spec.rb

@@ -93,31 +93,37 @@ describe "Bustspam::FormHelpers" do
   end
 
   describe "#valid?" do
-    it "is true is none of the paths under lookup are populated" do
-      params = {
-        "user" => { "name" => ""},
-        user_md5 => { name_md5 => "true value" }
-      }
+    describe "when none of the paths under lookup are populated" do
+      it "is true" do
+        params = {
+          "user" => { "name" => ""},
+          user_md5 => { name_md5 => "true value" }
+        }
 
-      subject.valid?("user", params).must_equal true
+        subject.valid?("user", params).must_equal true
+      end
     end
 
-    it "is false is one of the paths under lookup is populated" do
-      params = {
-        "user" => { "name" => "spam value"},
-        user_md5 => { name_md5 => "true value" }
-      }
+    describe "when one of the paths under lookup is populated" do
+      it "is false" do
+        params = {
+          "user" => { "name" => "spam value"},
+          user_md5 => { name_md5 => "true value" }
+        }
 
-      subject.valid?("user", params).must_equal false
+        subject.valid?("user", params).must_equal false
+      end
     end
 
-    it "is true is lookup doesn't exist" do
-      params = {
-        "user" => { "name" => "spam value"},
-        user_md5 => { name_md5 => "true value" }
-      }
+    describe "when lookup doesn't exist" do
+      it "is true" do
+        params = {
+          "user" => { "name" => "spam value"},
+          user_md5 => { name_md5 => "true value" }
+        }
 
-      subject.valid?("user_missing", params).must_equal true
+        subject.valid?("user_missing", params).must_equal true
+      end
     end
   end
 end

data/spec/spambust/views/index.erb

@@ -3,7 +3,7 @@
       <title>Sample Sinatra application</title>
     </head>
     <body>
-      <div id="result"><%= @result %></div>
+      <div id="result"><%= result %></div>
 
       <form method="post" action="/">
         <label for="user-first-name">First name</label>

data/spec/spec_helper.rb

@@ -1,7 +1,7 @@
 require "rack/test"
 require "sinatra/base"
 
+gem "minitest"
 require "minitest/autorun"
-require "minitest/spec"
 
-ENV["environment"] = "test"
+ENV["environment"] = "test"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: spambust
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 0.1.2
 platform: ruby
 authors:
 - Chirantan Mitra
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-11-11 00:00:00.000000000 Z
+date: 2013-11-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: sinatra
@@ -38,6 +38,34 @@ dependencies:
     - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: rdoc
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rack-test
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: minitest
   requirement: !ruby/object:Gem::Requirement
@@ -52,13 +80,11 @@ dependencies:
     - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
-description: ! 'Render input tags with a masked name. The input tags with proper tags
+description: ! 'Render input tags with a masked name. The input tags with proper names
   are hidden.
 
-  We expect a spam bot to fill the incorrect input tags. The server would pick the
-  spam bot
-
-  and respond accordingly.
+  A spam bot is expected to fill the incorrect input tags. The server would indentify
+  this and respond appropriately.
 
 '
 email: