active_hashcash
active_hashcash copied to clipboard
BaseSecrete
Protect Rails applications against bots and brute force attacks without annoying humans.
Reimplementing the hashing algorithm in JavaScript (see [`Hashcash.sha1`](https://github.com/BaseSecrete/active_hashcash/blob/9202c286b722a1a9103f71145b6b95fee27633df/lib/hashcash.js#L114)) renders this library vulnerable to one specific attack: An attacker could fork this library and use a faster implementation of SHA1 and...
When I run the migration [20240215143453_create_active_hashcash_stamps.rb](../blob/0.3.2/db/migrate/20240215143453_create_active_hashcash_stamps.rb) with MySQL 8.0, the following error occurs: ``` Specified key was too long; max key length is 3072 bytes ``` Reproducing the error: ```...
when we include `ActiveHashcash` in our controller `ActionView::Helpers::FormTagHelper` gets automatically included as well. That changes the `url_for` and leads to some problems on our side. https://github.com/BaseSecrete/active_hashcash/blob/0.4.0/lib/active_hashcash.rb#L7 with `include ActiveHashcash` ```...
This pull request enhances the `hashcash_hidden_field_ta` helper adding: - **Unique ID Assignment:** Automatically generates a unique ID for the hidden field using SecureRandom.hex(4). This ID can be useful for DOM...
Metadata
Owner
Metadata
Protect Rails applications against bots and brute force attacks without annoying humans.