Re: [fossil-users] Fossil Captchas
On Sun, Mar 26, 2017 at 9:06 PM, Richard Hipp wrote: > I am also now reminded that there is an option on the Setup/Access > page that adds a button to the CAPTCHA that completes the captcha > automatically. That would nicely facility access via screen readers. > i was about to say the same thing (Admin ==> Setup ==> auto-captcha), but it appears to have been broken. On my recently-update site it's not working, anyway (the button doesn't appear). i haven't looked into why (i'm still limited to how much i can operate a keyboard), but speculate that it "might" have been purposely removed, as bots can mostly understand JavaScript nowadays. -- - stephan beal http://wanderinghorse.net/home/stephan/ "Freedom is sloppy. But since tyranny's the only guaranteed byproduct of those who insist on a perfect world, freedom will have to do." -- Bigby Wolf ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Fossil Captchas
On 3/26/17, Damien Sykes-Lindley wrote: > Hi Richard, > Forgive me if I'm mistaken, but I think the anonymous password shows itself > as a captcha. The following quote from the antibot article would seem to > confirm this: > > "The "anonymous" user is also available for humans who do not wish to > identify themselves. The difference is that "anonymous" requires a login > (using a password supplied via a CAPTCHA)" Hmm... I suppose you do have to enter the CAPTCHA if you want to log in as anonymous. My point is, though, that sites like Fossil and SQLite are configured such that anonymous log-in is not required. I am also now reminded that there is an option on the Setup/Access page that adds a button to the CAPTCHA that completes the captcha automatically. That would nicely facility access via screen readers. > > Below that there are several lines of underscores and bars, I'm assuming > this is an ascii-based captcha or some other method of obscurity, since I > can't find any clear 8-digit hexadecimal sequence. Correct. The CAPTCHA is an ascii-art rendering of the 8-digit hex key. -- D. Richard Hipp d...@sqlite.org ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Fossil Captchas
Hi Richard, Forgive me if I'm mistaken, but I think the anonymous password shows itself as a captcha. The following quote from the antibot article would seem to confirm this: "The "anonymous" user is also available for humans who do not wish to identify themselves. The difference is that "anonymous" requires a login (using a password supplied via a CAPTCHA)" The login page states: "Visitors may enter anonymous as the user-ID with the 8-character hexadecimal password shown below:" Below that there are several lines of underscores and bars, I'm assuming this is an ascii-based captcha or some other method of obscurity, since I can't find any clear 8-digit hexadecimal sequence. Cheers. Damien. -Original Message- From: Richard Hipp Sent: Sunday, March 26, 2017 7:38 PM To: Fossil SCM user's discussion Subject: Re: [fossil-users] Fossil Captchas On 3/26/17, Damien Sykes-Lindley wrote: Hi there, Is there any chance an option can be added in Fossil whereby, when/where a captcha is required, the task is to answer a question instead? That could be done, in theory, but augmenting a few routines in the captcha.c source file. Consider sending in patches. But, I thought the design of Fossil had moved past the need for captchas for robot control. See http://localhost:591/fossil/doc/trunk/www/antibot.wiki for details. I just now logged off and went surfing about on the canonical Fossil repo and did not find any pages requesting a captcha. Do you have an example that I have overlooked? -- D. Richard Hipp d...@sqlite.org ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
Re: [fossil-users] Fossil Captchas
On 3/26/17, Damien Sykes-Lindley wrote: > Hi there, > Is there any chance an option can be added in Fossil whereby, when/where a > captcha is required, the task is to answer a question instead? That could be done, in theory, but augmenting a few routines in the captcha.c source file. Consider sending in patches. But, I thought the design of Fossil had moved past the need for captchas for robot control. See http://localhost:591/fossil/doc/trunk/www/antibot.wiki for details. I just now logged off and went surfing about on the canonical Fossil repo and did not find any pages requesting a captcha. Do you have an example that I have overlooked? -- D. Richard Hipp d...@sqlite.org ___ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
