Captcha and ugly styling text showing on my form about invisible_captcha HOT 8 CLOSED

OK, thanks for that @markets.

RefineryCMS has some "sanitization" code that strips out various html elements and attributes. Since style and media were not whitelisted, they were being stripped. For refinerycms users who are experiencing the same issue, you'll need to update config/initializers/refinery/pages.rb and add the following lines:

config.add_whitelist_elements << 'style'
config.add_whitelist_attributes << 'media'

of course, this may open you up to malicious css hacks if your site accepts surfer input

from invisible_captcha.

My guess is that the gem simple_form_for is somehow modifying the html for the form in such a way that the styling that would ordinarily keep the invisible_captcha invisible is being stripped/altered. If you aren't already aware of this, you can press ctrl-u (or whatever the mac equivalent is) in most browers to see the actual source HTML code that is sent to the browser before any javascript starts changing it. You'll want to check that the css that (I believe) invisible_captcha uses is also loading on the page in question and that those styles are not being overridden by other styles. Pressing ctrl-shift-c will reveal the inspector in most browsers which you can use to check many things. Good luck.

from invisible_captcha.

@charlesdeb @markets thank you both for your suggestions! I'll keep investigating in that direction...

from invisible_captcha.

Hi @charlesdeb and thanks for trying Invisible Captcha! Your usage seems fine, didn't see anything wrong with your shared snippets. Also the generated HTML seems the expected by the helper call. Perhaps your browser or your CSS are interfering here? Could you please share your Rails version, Invisible Captcha version and your custom settings (if any)?

from invisible_captcha.

I'm on rails 4.2.9, using invisible_captcha 0.12.0 and no custom settings. I am running it with refinery-cms 3.0.5 and bootstrap 4.0.0.alpha6. Yes, something is monkeying with the css styles. Assuming there is nothing weird about the rails versions, I will dig into what could be causing the contents of the html style tag to actually display as text in the page.

from invisible_captcha.

Hey @charlesdeb I'm using Invisible Captcha in several Rails apps, actually, one of them is running almost same versions (Rails 4.2.11, Invisible Captcha 0.12.0 and even Bootstrap 4.1.3) and it works fine.

I just checked locally in a fresh Rails 4.2 app, and I can't reproduce this behavior you're seeing in your app. Also, tests and demo app, are working fine under Rails 4.2 . So yes, I'd say that's something related to your environment (css, js, browser extensions, other plugins ...).

Please keep in touch, would be interesting to know what's causing this.

from invisible_captcha.

Hi @markets! Hope it's ok to write here (pretty new to web dev :) ), as I am facing a similar issue: the invisible captcha field is blocking as it should, but is also visible.

The view:

<%= simple_form_for(resource, as: resource_name, url: session_path(resource_name)) do |f| %>
	<div class="form-inputs">
		<%= f.input :email, required: false, autofocus: true %>
		<%= f.input :password, required: false %>
		<%= invisible_captcha :subtitle %>
		<%= f.input :remember_me, as: :boolean if devise_mapping.rememberable? %>
	</div>

The controller:

invisible_captcha only: :create, honeypot: :subtitle, on_spam: :your_spam_callback_method
  private

  def your_spam_callback_method
    redirect_to root_path
  end

Rails version: 5.1.4
Invisible Captcha version: 0.12.1
Only custom setting, I have slightly changed the wording for config.sentence_for_humans
I am not using RefineryCMS.

Do you have any idea about why this could be happening?

Thank you!

from invisible_captcha.

Hi @RMonteR and thanks for trying this gem!

Usually it's better to open new issues for new problems/questions, this one was closed by #45 (comment), so we can safely say this is totally unrelated to "your problem".

For more SimpleForm things, check this issue: #34, still open with no info to take a decision...

As @charlesdeb commented above, you should check the styles via a web inspector, maybe another gem or js library is overriding the invisible_captcha styles. From invisible_captcha code, the only thing that makes the honeypot visible is the visual_honeypots option (which is false by default).

from invisible_captcha.