cerealxp/FreeCAPTCHA
1
0
Bifurcation 0
Code Tickets 12 Demandes d'ajout Publications Wiki Activité

Create a proper README #2

Nouveau ticket
Ouvert
créé 2023-06-12 11:49:34 -04:00 par cerealxp · 0 commentaire
cerealxp a commenté 2023-06-12 11:49:34 -04:00.
Propriétaire
Copier le lien

Currently, the README shows how to the previous version of FreeCAPTCHA worked. That version of FreeCAPTCHA is documented here: https://www.turtle-techies.com/roll-your-own-captcha-python/.

This is no good for two reasons:

  1. FreeCAPTCHA is very different now
  2. We want to show a lot more.

Here is what I want to show, in order of priority:

  1. Quick demonstration of what FreeCAPTCHA looks like for users when deployed
  2. How webmasters (remember that word?) can integrate FreeCAPTCHA into their website (focusing on Tor onion services).
  3. Document the architecture of FreeCAPTCHA graphically and explain the techniques (overlayed radio buttons, z-indexing, etc)

So here's the outline of how that should look

  1. Intro
    a. What is FreeCAPTCHA? (FOSS plug and play CAPTCHA for no-JS)
    b. Why is it necessary? (replicate the behavior, quality, and security of commercial JS captchas, without the JS, because Tor users usually disable JS)
  2. Demo
    a. Show a gif demonstrating the use to access an onion service
    b. Link to a video that does the same but shows the cookies as they come in and such
  3. Howto
    a. JS and Python blobs for calling FreeCAPTCHA API
    b. PIP and NPM packages once they exist (middlewares)
    c. HTML blurb for adding freecaptcha iframe to frontend (alternatively, the captcha solving page could be hosted by freecaptcha, and then redirects you to the real site once you've solved the captcha. Similar to how oauth redirects work)
  4. Contributing
    a. Diagram showing the relationship between users' servers and our own. Show each part of the architecture and where it is in relation to everything else.
    b. Explain the z-indexing, overlaying checkbox CSS nonsense. (this also needs to be a separate issue where we try to find a real CSS master who can help us clearly understand and explain this lol)
    c. How the cookies work (see JWT issue)
    d. Security. Disclosing issues. Where weaknesses are likely to be and what kinds (where do we render input unsafely, jinja, possible jwt issues, rotating secret keys, architecture security, etc.) We should have a hall of fame for devs and seperate one for hackers with little trophies.
Currently, the README shows how to the previous version of FreeCAPTCHA worked. That version of FreeCAPTCHA is documented here: https://www.turtle-techies.com/roll-your-own-captcha-python/. This is no good for two reasons: 1. FreeCAPTCHA is very different now 2. We want to show a lot more. Here is what I want to show, in order of priority: 1. Quick demonstration of what FreeCAPTCHA looks like for users when deployed 2. How webmasters ([remember that word?](https://developers.google.com/search/blog/2020/11/goodbye-google-webmasters)) can integrate FreeCAPTCHA into their website (focusing on Tor onion services). 3. Document the architecture of FreeCAPTCHA graphically and explain the techniques (overlayed radio buttons, z-indexing, etc) So here's the outline of how that should look 1. Intro a. What is FreeCAPTCHA? (FOSS plug and play CAPTCHA for no-JS) b. Why is it necessary? (replicate the behavior, quality, and security of commercial JS captchas, without the JS, because Tor users usually disable JS) 2. Demo a. Show a gif demonstrating the use to access an onion service b. Link to a video that does the same but shows the cookies as they come in and such 3. Howto a. JS and Python blobs for calling FreeCAPTCHA API b. PIP and NPM packages once they exist (middlewares) c. HTML blurb for adding freecaptcha iframe to frontend (alternatively, the captcha solving page could be hosted by freecaptcha, and then redirects you to the real site once you've solved the captcha. Similar to how oauth redirects work) 4. Contributing a. Diagram showing the relationship between users' servers and our own. Show each part of the architecture and where it is in relation to everything else. b. Explain the z-indexing, overlaying checkbox CSS nonsense. (this also needs to be a separate issue where we try to find a real CSS master who can help us clearly understand and explain this lol) c. How the cookies work (see JWT issue) d. Security. Disclosing issues. Where weaknesses are likely to be and what kinds (where do we render input unsafely, jinja, possible jwt issues, rotating secret keys, architecture security, etc.) We should have a hall of fame for devs and seperate one for hackers with little trophies.
Connectez-vous pour rejoindre cette conversation.
Aucune branche/étiquette spécifiées
Branches Étiquettes
Labels
Effacer les labels   
bug

Something is not working

  
Discussion

Fomenting conversation

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
help wanted

Need some help

  
invalid

Something is wrong

  
question

More information is needed

  
wontfix

This won't be fixed

Sans labels
bug
Discussion
duplicate
enhancement
help wanted
invalid
question
wontfix
Jalon
Effacer le jalon
Pas d'élément
Sans jalon
Assignés
Supprimer les affectations
Sans assignation
1 participants
Notifications
Échéance
La date d’échéance est invalide ou hors plage. Veuillez utiliser le format 'aaaa-mm-dd'.

Aucune échéance n'a été définie.

Dépendances

Aucune dépendance définie.

Référence : cerealxp/FreeCAPTCHA#2
Sans contenu.
Supprimer la branche "%!s()"

La suppression d’une branche est permanente. Bien qu’une branche supprimée puisse temporairement subsister, elle NE PEUT PAS être facilement restaurée. Continuer ?