From ee48c630d989923c723218a26e80b8d1f1d93579 Mon Sep 17 00:00:00 2001
From: Benjamin Bock
Date: Mon, 19 Feb 2024 20:53:43 +0100
Subject: [PATCH] Run on_spam callback if timestamp triggers but passes through
---
 CHANGELOG.md | 4 ++++
 lib/invisible_captcha/controller_ext.rb | 4 +++-
 spec/controllers_spec.rb | 12 ++++++++++++
 spec/dummy/app/controllers/topics_controller.rb | 16 ++++++++++++++++
 spec/dummy/config/routes.rb | 1 +
 5 files changed, 36 insertions(+), 1 deletion(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index ff13f96..64bba7d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,10 @@
 All notable changes to this project will be documented in this file.
+## Unreleased
+
+- Run honeypot + spinner checks and their callback also if timestamp triggers but passes through (#132)
+
 ## [2.2.0]
 - Official support for Rails 7.1
diff --git a/lib/invisible_captcha/controller_ext.rb b/lib/invisible_captcha/controller_ext.rb
index e51330d..f39f972 100644
--- a/lib/invisible_captcha/controller_ext.rb
+++ b/lib/invisible_captcha/controller_ext.rb
@@ -21,7 +21,9 @@ def invisible_captcha(options = {})
 def detect_spam(options = {})
 if timestamp_spam?(options)
 on_timestamp_spam(options)
- elsif honeypot_spam?(options) || spinner_spam?
+ return if performed?
+ end
+ if honeypot_spam?(options) || spinner_spam?
 on_spam(options)
 end
 end
diff --git a/spec/controllers_spec.rb b/spec/controllers_spec.rb
index ab49e65..dad7ecb 100644
--- a/spec/controllers_spec.rb
+++ b/spec/controllers_spec.rb
@@ -71,6 +71,12 @@ def custom_timestamp_callback
 .to be_present
 end
+ it 'runs on_spam callback if on_timestamp_spam callback is defined but passes' do
+ put :test_passthrough, params: { id: 1, topic: { title: 'bar', subtitle: 'foo' } }
+
+ expect(response.status).to eq(204)
+ end
+
 context 'successful submissions' do
 it 'passes if submission on or after timestamp_threshold' do
 sleep InvisibleCaptcha.timestamp_threshold
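Review bot: In `detect_spam` (lib/invisible_captcha/controller_ext.rb), `return if performed?` makes rendering or redirecting the only signal that the timestamp callback handled the request, and nothing in the method says so. A custom `on_timestamp_spam` callback that only logs therefore lets a too-fast submission reach the action whenever the honeypot and spinner checks pass. I would add a comment above that line, `# A timestamp callback that neither renders nor redirects has not blocked the request: fall through to the honeypot/spinner checks.`, and state the same contract wherever the `on_timestamp_spam` option is documented.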
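Review bot: The new example 'runs on_spam callback if on_timestamp_spam callback is defined but passes' in spec/controllers_spec.rb asserts only `expect(response.status).to eq(204)`, which shows that `catching_on_spam_callback` answered but not that the timestamp check fired first. Whether the timestamp path is triggered depends on setup outside this hunk; if it is not, the filled honeypot alone yields 204 and the example would also pass against the old `elsif` code. Adding `expect(controller).to receive(:on_timestamp_spam_callback_with_passthrough).and_call_original` before the request would pin the sequence this commit is about.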
@@ -98,6 +104,12 @@ def custom_timestamp_callback
 expect(flash[:error]).not_to be_present
 expect(response.body).to redirect_to(new_topic_path)
 end
+
+ it 'passes if on_timestamp_spam doesn\'t perform' do
+ put :test_passthrough, params: { id: 1, topic: { title: 'bar' } }
+
+ expect(response.body).to redirect_to(new_topic_path)
+ end
 end
 end
diff --git a/spec/dummy/app/controllers/topics_controller.rb b/spec/dummy/app/controllers/topics_controller.rb
index 4d24f8a..e99952f 100644
--- a/spec/dummy/app/controllers/topics_controller.rb
+++ b/spec/dummy/app/controllers/topics_controller.rb
@@ -13,6 +13,10 @@ class TopicsController < ApplicationController
 invisible_captcha only: :categorize
+ invisible_captcha honeypot: :subtitle, only: :test_passthrough,
+ on_spam: :catching_on_spam_callback,
+ on_timestamp_spam: :on_timestamp_spam_callback_with_passthrough
+
 def index
 redirect_to new_topic_path
 end
@@ -56,6 +60,10 @@ def copy
 end
 end
+ def test_passthrough
+ redirect_to new_topic_path
+ end
+
 private
 def custom_callback
@@ -65,4 +73,12 @@ def custom_callback
 def custom_timestamp_callback
 head(204)
 end
+
+ def on_timestamp_spam_callback_with_passthrough
+ end
+
+ def catching_on_spam_callback
+ head(204)
+ end
+
 end
diff --git a/spec/dummy/config/routes.rb b/spec/dummy/config/routes.rb
index 4799022..1c7e4f6 100644
--- a/spec/dummy/config/routes.rb
+++ b/spec/dummy/config/routes.rb
@@ -4,6 +4,7 @@
 post :rename, on: :collection
 post :categorize, on: :collection
 post :copy, on: :collection
+ post :test_passthrough, on: :collection
 end
 root to: 'topics#new'
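Review bot: Both new examples in spec/controllers_spec.rb (this `@@ -98,6 +104,12 @@` hunk and the `@@ -71,6 +71,12 @@` hunk) issue `put :test_passthrough` with `id: 1`, while the route added in spec/dummy/config/routes.rb is `post :test_passthrough, on: :collection`. The examples presumably pass only because controller specs do not enforce the routed verb, so they exercise a request shape the dummy app would not accept. I would write `post :test_passthrough, params: { topic: { title: 'bar' } }` here and the matching `post` call with `subtitle: 'foo'` in the first example.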
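Review bot: `on_timestamp_spam_callback_with_passthrough` in the `@@ -65,4 +73,12 @@` hunk of spec/dummy/app/controllers/topics_controller.rb is an empty method with no hint that the emptiness is the point of the fixture. A one-line comment in its body, `# Intentionally neither renders nor redirects, so detect_spam continues to the honeypot check.`, keeps a later cleanup from "fixing" it. The blank line added before the class's closing `end` can go as well. The class body starts outside this hunk.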