Module: Spambust::FormHelpers
- Defined in:
- lib/spambust/form_helpers.rb
Overview
Form helpers for sinatra or similar DSLs/frameworks to block for spams
Constant Summary collapse
- HIDING =
This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.
'position:absolute;top:-10000px;left:-10000px;'
- BLOCKED_OPTIONS =
This constant is part of a private API. You should avoid using this constant if possible, as it may be removed or be changed in the future.
%i[id class style].freeze
Instance Method Summary collapse
-
#decrypt(lookup, global) ⇒ Object
Returns decrypted hash of user submitted POST parameters Use inside your application.
-
#input(paths, options = {}) ⇒ String
Returns obfuscated input tags together with its fake input tags that are rendered off the screen.
-
#namify(paths) ⇒ String
private
Returns a nested input name.
-
#submit(text, options = {}) ⇒ String
Returns submit tags.
-
#valid?(lookup, global) ⇒ Boolean
Returns if any POST data was present in the fake input fields.
Instance Method Details
#decrypt(lookup, global) ⇒ Object
Returns decrypted hash of user submitted POST parameters Use inside your application.
146 147 148 149 150 151 152 153 154 |
# File 'lib/spambust/form_helpers.rb', line 146 def decrypt(lookup, global) fake = global[lookup] || {} hashed_lookup = digest(lookup) subset = global[hashed_lookup] || {} fake.each_with_object({}) do |(key, _value), real| real[key] = subset[digest(key)] end end |
#input(paths, options = {}) ⇒ String
Returns obfuscated input tags together with its fake input tags that are rendered off the screen
Use inside your templates to generate an obfuscated input field. This is the field that the server will use. If the server sees that fields with original names are filled, the server should assume it be be a spam. It also accepts options for input type and other CSS properties.
92 93 94 95 96 97 98 99 100 101 |
# File 'lib/spambust/form_helpers.rb', line 92 def input(paths, = {}) type = .delete(:type) || 'text' = .reject { |key, _value| BLOCKED_OPTIONS.include?(key) } digested_paths = paths.map { |path| digest(path) } = .merge(type: type, name: namify(digested_paths)) = .merge(type: 'text', name: namify(paths), style: HIDING) visible_tag = %(<input #{ } />) hidden_tag = %(<input #{ } />) "#{visible_tag}#{hidden_tag}" end |
#namify(paths) ⇒ String
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
Returns a nested input name
131 132 133 134 135 |
# File 'lib/spambust/form_helpers.rb', line 131 def namify(paths) first = paths[0] rest = paths[1..-1].reduce([]) { |a, e| a << "[#{e}]" }.join('') "#{first}#{rest}" end |
#submit(text, options = {}) ⇒ String
Returns submit tags
Use inside your templates to generate a submit tag. It also accepts for CSS options.
120 121 122 123 |
# File 'lib/spambust/form_helpers.rb', line 120 def submit(text, = {}) = .merge(type: 'submit', value: text) %(<input #{ } />).gsub(' ', ' ') end |
#valid?(lookup, global) ⇒ Boolean
Returns if any POST data was present in the fake input fields
Use inside your application.
166 167 168 169 |
# File 'lib/spambust/form_helpers.rb', line 166 def valid?(lookup, global) fake = global[lookup] || {} fake.values.all?(&:empty?) end |