Bouncy Bots!

A simple negative captcha for rails.

A negative captcha flips the normal captcha on its head, rather than asking humans identify themselves, we trick the bots into identifying themselves. We do this by placing honey pots in a form that are invisible to a human, but visible to a bot. When the bot submits the form, we look for the honey pot entries and discard the form submission if we find any.

Installing Bouncy Bots!

Bouncy Bots! is available as a gem from github. Install the gem with the following command:

% sudo gem install —source http://gems.github.com/ leshill-bouncy_bots

After you have the gem installed, add a config.gem line to your environment.rb file:

config.gem ‘leshill-bouncy_bots’, :lib => ‘bouncy_bots’, :version => ‘>= 0.1.1’

Using Bouncy Bots!

Controllers

Use the bounce_bots macro in your controllers to detect and bounce bots. The macro takes two parameters, the honey pot field name and the redirect path or url. For example, to check for the field :blog_url and redirect bots to the pages_path :

bounce_bots :blog_url, :pages_path

You can also pass the standard controller filter options such as :only or :except :

bounce_bots :blog_url, :pages_path, :only => [:create, :update]

Views

In your form views, add the honey pot field. If you are using form_tag, you can use any form element, for example (using haml):

= text_field_tag :blog_url, nil, :class => ‘long_required’

In your stylesheet, add a rule to ‘hide’ the field:

input.long_required { display:none; }

If you use form_for, there are two helpers to simplify making the honey pot.

= f.bounce_label ‘Blog Url’, :class => ‘long_required’ %br = f.bounce_field :class => ‘long_required’

And that’s it.

Copyright

Copyright © 2009 Les Hill and Desi McAdam. See LICENSE for details.