wjcrowcroft / motioncaptcha Goto Github PK
View Code? Open in Web Editor NEWMotionCAPTCHA jQuery Plugin - Stop Spam, Draw Shapes
Home Page: http://josscrowcroft.com/projects/motioncaptcha-jquery-plugin/
MotionCAPTCHA jQuery Plugin - Stop Spam, Draw Shapes
Home Page: http://josscrowcroft.com/projects/motioncaptcha-jquery-plugin/
I have friends who's dyslexia prevents them from following a line with their finger, nothing to do with training or intelligence, its a full blown bonafied disability and asking them to trace a line is pretty much an impossible task as it will take them a very very long time to do if even possible.
Its the only thing that comes to mind regarding these.
Hi
When we use it with Android, and Magnify the canvas,
it does not work, I could not draw any line on canvas.
but if I go back 100% display , it work.
Do you have any reason ?
Kazu
The project link is broken http://www.josscrowcroft.com/projects/motioncaptcha-jquery-plugin/
Hi, there exists a problem, if we verify whether a user is human or bots in browser, bots can simply ignore the CAPTCHA and send packages the same as a human who passed the CAPTCHA.
The canvas is there but the image to draw is not showing up. I noticed on your demo, the background-position is overwritten and removed by the JS. But in my firebug, I see that the background-position is -9999px -9999px:
background-attachment: scroll;
background-clip: border-box;
background-color: #FFFFFF;
background-image: url("motionCaptcha-shapes.jpg") !important;
background-origin: padding-box;
background-position: -9999px -9999px;
background-repeat: no-repeat;
background-size: auto auto;
height: 154px;
width: 220px;
}
Maybe is jQuery in this project ok, but much better would be http://angular-ui.github.io/ in case use it in Node.js.
Is there plan to integrate it with this?
Last update is 6 years old, it works fine, it recognize good or bad schema, my questions are :
What is wrong with this motion captcha ? Lack of accessibility ? Not mobile friendly ?
Why isn't there more engagement with it? Technical issue that allows bots to pass anyway ?
This may seem rather pedantic, but it would probably help if some text along the lines of "starting from the dot" was added to the caption for the drawing canvas.
For example, the new text could read "Please draw the shape in the box starting from the dot to submit the form:" or something like it.
Can you provide sample files in your package?
I do not know how to make it work.
Thanks!!
seems like the default values ask for 'action' but the code in the JS file is looking for 'actionId' . So after the user successfully draws the right shape, the action parameter of the form can get changed.
How is this going to stop anything other than “human spammers” (which are close to non-existent compared to spam-bots anyways)? Any decent bot will (in time) just retrieve the “hidden” URL and use it to post it’s spam to. It doesn’t care if it has to parse the action attribute or some other field to get the URL to post the data to.
If you want this to be of any use at all, you’ll need to send the strokes themselves (or a “fingerprint” or “hash” of them) to the server and let the server decide whether the captcha is passed or not.
I'm sorry. I like your idea and out-of-the-box thinking. But it's practical use (fight automated spam) is close to zero.
I started hacking on a simple library for drawing lines with HTML + CSS 3 last night. IE support is possible, right now I'm struggling with the DXImageTransform.Microsoft.Matrix to get the rotation origin right.
It doesn't perform well on very large drawings (the DOM get's fairly large because of many DIV elements), but it could be a good fit for MotionCAPTCHA.
The Captcha has 16 static images to validate with. This is the same folly of many previous captcha systems.
Even if there were 10,000 images, the same issue would occur.
A simple check for which image is presented can be defeated by passing the correct data points, even when you reach your road map's v1.0
To give you some quick history on previously broken captchas, they basically MD5'd the image, and passed in the text. You could pay $50 to crack thousands of captchas, and keep spamming wherever you like as you please.
The same issue exists here, you can grep the source to find the image, and return with data that is known to validate..
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.