produck / svg-captcha Goto Github PK

When used in typescript, cannot make this call. Any idea how to make the call below in typescript?
svgCaptcha(text, options)

Hello, it seems that transform by matrix is not secure, because skew removes when we remove attribute. So my proposal is to transform letters not on "render" stage of browser, but before we transform letters into path. How do you think about that?

Which version of svg-captcha are you using?
1.3.8
Do you want to request a feature or report a bug?
bug
If this is a feature request, what is motivation for changing the behavior?

If it is a bug, which version of svg-captcha are you using?
1.3.8
What is the current behavior?
Unable to set custom chars
What is the expected behavior?
Wnaht to set custom chars
Step to reproduce the bug or other relevant information
if you set to option charPreset, it will not work. The problem in random.js file line 32 (let chars = opts.charPreset;) please change this line to let chars = options.charPreset || opts.charPreset;

Do you want to request a feature or report a bug?

If this is a feature request, what is motivation for changing the behavior?

If it is a bug, which version of svg-captcha are you using?

What is the current behavior?

What is the expected behavior?

Step to reproduce the bug or other relevant information

Do you want to request a feature or report a bug?

If this is a feature request, what is motivation for changing the behavior?

If it is a bug, which version of svg-captcha are you using?

What is the current behavior?

What is the expected behavior?

Step to reproduce the bug or other relevant information

Bug: Math Expression result are not between min and max config options
Version: 1.4.0

Current behavior:

svgCaptcha.createMathExpr({
   noise: 1,
   mathMin: 1,
   mathMax: 9,
   background: 'black',
});

outputs: 6 + 5, 5 + 6, 3 + 4, ...

Expected behavior:
According to the docs, the result of the expression must be between 1 and 9

It seems each element in the expression is between mathMin and mathMax but not the result.

May be a bug either in the implementation or in the docs.

Thanks

Hello!

The README implementation may not provide the anti-bot guarantees necessary.

Someone who's writing a bot would only have to request one captcha and find its solution. Once the attacker finds the solution, so long as they never request another captcha, they can continuously send the same solution over and over. There is nothing to force the attacker to request a new captcha and regenerate the solution, especially if the attacker doesn't use a browser (and therefore doesn't automatically load the image)

I understand it's just README sample code, but I would recommend leaving a note on the README that suggests people don't blindly copy-and-paste and throw it into production.

A solution is could be as easy as invalidating the session once a user tries to answer/respond to the captcha

hello, we need to support viewBox property for responsive webpage

plz handle it on pull requests

You must create a number of points on the path of each letter and randomize each point's X and Y position by a random value (with a range based on the font size) that overlaps with only the next point or the previous point.

Then you can have a trustable captcha.

Is it possible to revert the text?

Do you want to request a feature or report a bug?

If this is a feature request, what is motivation for changing the behavior?

If it is a bug, which version of svg-captcha are you using?

What is the current behavior?

What is the expected behavior?

Step to reproduce the bug or other relevant information

This is my code:

svgCaptcha.randomText({
    size: 4,
    ignoreChars: 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'
})

This code can generate captcha such as 3018, 729, 91.

I think setup that size 4 should generate 3018, 0729, 0091, etc.

What's your think?

Thanks for your works.

svg-captcha is a great npm package.

When run in nextjs production mode. I got error.

Error: ENOENT: no such file or directory, open '/fonts/Comismsh.ttf'
    at Object.openSync (fs.js:440:3)
    at Object.readFileSync (fs.js:342:35)
    at Object.loadSync (/app/.next/serverless/pages/api/user/captcha.js:15277:21)
    at Object.<anonymous> (/app/.next/serverless/pages/api/user/captcha.js:2135:23)
    at Object.6HnN (/app/.next/serverless/pages/api/user/captcha.js:2162:30)
    at __webpack_require__ (/app/.next/serverless/pages/api/user/captcha.js:23:31)
    at Object./RNt (/app/.next/serverless/pages/api/user/captcha.js:344:14)
    at __webpack_require__ (/app/.next/serverless/pages/api/user/captcha.js:23:31)
    at Object.UTAq (/app/.next/serverless/pages/api/user/captcha.js:41692:16)
    at __webpack_require__ (/app/.next/serverless/pages/api/user/captcha.js:23:31)
    at Object.ctv8 (/app/.next/serverless/pages/api/user/captcha.js:42800:18)
    at __webpack_require__ (/app/.next/serverless/pages/api/user/captcha.js:23:31)
    at Object.<anonymous> (/app/.next/serverless/pages/api/user/captcha.js:1331:20)
    at Object.2g5n (/app/.next/serverless/pages/api/user/captcha.js:1347:30)
    at __webpack_require__ (/app/.next/serverless/pages/api/user/captcha.js:23:31)
    at Object.ONz8 (/app/.next/serverless/pages/api/user/captcha.js:39493:30)
    at __webpack_require__ (/app/.next/serverless/pages/api/user/captcha.js:23:31)
    at Module.f2QB (/app/.next/serverless/pages/api/user/captcha.js:43242:75)
    at __webpack_require__ (/app/.next/serverless/pages/api/user/captcha.js:23:31)
    at Module.module.exports.o2LP.__webpack_exports__.default (/app/.next/serverless/pages/api/user/captcha.js:48383:26)
    at Server.handleApiRequest (/app/node_modules/next/dist/next-server/server/next-server.js:248:35)
    at processTicksAndRejections (internal/process/task_queues.js:93:5)
    at async Object.fn (/app/node_modules/next/dist/next-server/server/next-server.js:195:21)
    at async Server.run (/app/node_modules/next/dist/next-server/server/next-server.js:298:17) {
  errno: -2,
  syscall: 'open',
  code: 'ENOENT',
  path: '/fonts/Comismsh.ttf'
}

I reported an issue in:
tormozz48/algebraic-captcha#16

https://github.com/haua/svg-captcha-recognize

Do you want to request a feature or report a bug?

If this is a feature request, what is motivation for changing the behavior?

If it is a bug, which version of svg-captcha are you using?

What is the current behavior?

What is the expected behavior?

Step to reproduce the bug or other relevant information

大量的问题相关对象产生不释放

Do you want to request a feature or report a bug?

If this is a feature request, what is motivation for changing the behavior?

If it is a bug, which version of svg-captcha are you using?

What is the current behavior?

What is the expected behavior?

Step to reproduce the bug or other relevant information

Do you want to request a feature or report a bug?
Feature

If this is a feature request, what is motivation for changing the behavior?
Increase SVG compatibility to allow CSS styling by including the viewBox attribute.

What is the current behavior?
Generating an SVG captcha results in the following SVG tag without viewBox:

<svg xmlns="http://www.w3.org/2000/svg" width="${width}" height="${height}">

What is the expected behavior?
Generating an SVG captcha should also include a viewBox:

<svg xmlns="http://www.w3.org/2000/svg" width="${width}" height="${height}" viewBox="0,0,${width},${height}">

Step to reproduce the bug or other relevant information
The line lib/index.js:75 should be updated to include a viewBox attribute. This allows CSS rules like width: auto and height: auto to be applied. This non-breaking change furthermore allows the captcha to cover or be contained in a parent div by applying the css object-fit property.

Hey guys, I just forked your project, wanted to improve it by generating a sequence that can not be gamed with ai. Forked the latest version (3.0.0) and nothing in there works, methods are referenced that don't exist, etc etc....

What's a stable version you guys are using? Please respond quickly because I really need this for an important project, if you see this issue when it's 7+ days old, please disregard it, by then I've built my own captcha generator.

I use it in react index.js, got this error: fs.readFileSync is not a function?

I am new to reactjs, I want to know how to install this in a form

How to put all the characters in blue (or red) color while holding the white background?

I set up random background color for the captcha but sometimes the text color is similar to the background color.

Do you want to request a feature or report a bug?

If this is a feature request, what is motivation for changing the behavior?

If it is a bug, which version of svg-captcha are you using?

What is the current behavior?

What is the expected behavior?

Step to reproduce the bug or other relevant information

在本地node环境下开发时，刷新接口验证码svg图片会更新。但是部署在服务器上怎么访问多次接口svg图片没发生改变，请求这是什么原因呢？谢谢
API地址：https://kc.hcode.xyz/api/code
是这样写的：

`
// 获取验证码
const svgCaptcha = require('svg-captcha');

module.exports = callback => {
let codeConfig = {
size: 5,// 验证码长度
ignoreChars: '0o1i', // 验证码字符中排除 0o1i
noise: 2, // 干扰线条的数量
height: 45
}
let captcha = svgCaptcha.create(codeConfig);
let sessionCaptcha = captcha.text.toLowerCase(); //存session用于验证接口获取文字码
let codeData = {
img:captcha.data
}
callback(sessionCaptcha,codeData);
}
`

`const Router = require('express')
const router = Router()
const getCode = require('../model/svgCaptcha.js')

router.get('/code', function(req, res, next) {
getCode(function(code, img) {
//存session用于验证接口获取文字码
req.session.captcha = code
let data = {}
if (code && img) {
data = {
code: 200,
msg: '获取成功',
data: img
}
} else {
data = {
code: 400,
msg: '获取失败',
data: img
}
}

res.json(data)

})

})

module.exports = router
`

验证码不太友好...能否设置不分大小写

Hello,

Basically if you look at the characters of the font Comismsh (which is default), there is a ground issue.

Letter "l" (lowercase letter "L") is completely the same as "I" (uppercase letter "i"). While it is not an issue in development or article text, this is a huge problem in captcha, because you never know what is that symbol for sure.

http://prntscr.com/h32f17

Thanks.

生成的圖片上下會有留白
但在圖片較小的情況(如：w x h = 40 x 18),
那個空白反而壓縮到了文字可生成的大小 (原本預期佔滿圖片).
是否有考慮新增參數讓使用者自訂呢？

Cannot display completely in IE browser

Looks like the tags here are not synced with the versions you published on npm registry, it could be better to sync with all the version there, and maybe some changelog for every version?

How to show chinese traslations in svg image in captcha?

I have tried to update the string in char-preset.js
Replaced the string with chinese character, but I am getting square boxes in svg image.
Please any one can help in this?

Do you want to request a feature or report a bug?

If this is a feature request, what is motivation for changing the behavior?

If it is a bug, which version of svg-captcha are you using?

What is the current behavior?

What is the expected behavior?

Step to reproduce the bug or other relevant information

Which version of svg-captcha are you using?
1.3.8
Do you want to request a feature or report a bug?
bug
If this is a feature request, what is motivation for changing the behavior?

If it is a bug, which version of svg-captcha are you using?
1.3.8
What is the current behavior?
text places above the image (my text with custom fonts not centered, but placed at the top of image, sometimes cutoff) - https://www.screencast.com/t/HKAKKL4bc
What is the expected behavior?
text should be centered - https://www.screencast.com/t/QFXswdxZ
Step to reproduce the bug or other relevant information
please see line 37 in index.js ( const y = height / 2;) more properly value ( (height + options.fontSize) / 2;) https://www.screencast.com/t/maTW9HrzjS

Hi, I noticed that version 3 has not been published to npm. I am not sure whether it is functionally ready to use, but if yes, could you publish it with next tag?

I see that createMathExpr exists in the latest release, but is no longer in current master. Why was that removed?

Do you want to request a feature or report a bug?
feature

If this is a feature request, what is motivation for changing the behavior?
Improve security

If it is a bug, which version of svg-captcha are you using?

What is the current behavior?
Currently, one path is used for one character of the code in the SVG graphic.

What is the expected behavior?
The paths should be combined into one path so that an attacker cannot easily separate the individual characters from the noise and background, which makes it much easier to automatically resolve the captcha.

Step to reproduce the bug or other relevant information

从文档中看到这API， 但是并没有预期效果，源码也是随机字符串。 没法指定text?

svgCaptcha(text, options)

const fontPath = path.join(__dirname, '../fonts/Comismsh.ttf');
this is not good,we could not pack all.js to one js

Is there any way to store this to a file instead of a long string of gibberish which most definitely represents the image (i'm very new to svg) i'm not trying to use this for a web application btw

it's good and simple, can it be more optional, such as set text color, the background color and so on.

Can someone give me an example about how to change the height asap. Thanks...

我看了一下响应的结果，在结果中，我重点关注了Ｃ的表达形式，发现重复的几次调用会出现一段完相同的路径，而这个路径则指表达出Ｃ来了，那么我有理由可以相信，你这里所有的路径并不是实时生成的，或只能按某些特定的规则生成，这会导致结果集是在一个可控范围，应该很容易被暴力搜索出来的．

I think inversing colors should be nice.
Now if color:false, and backgroun:"", it draw with grey near black.
With inverse it should draw with grey near white

Hello, I would like to use this svg-captcha in Agularjs 2

1¿It is posible?
2. ¿How ?