This repository has been archived by the owner on Jan 10, 2020. It is now read-only.

63 lines (49 loc) · 2.77 KB

README.md

File metadata and controls

63 lines (49 loc) · 2.77 KB

captcha

Dead simple plugin-less library-less framework-less filter for online content.

(whose time has passed ... nice baby ... bye! bye!)

You have something you want to make web accessible while discouraging abuse, so you use a reCAPTCHA, which just generates an annoying form and evaluates the response to determine whether or not to display your content. Google offers CAPTCHA as a service and uses the work done to digitize books and Street View images.

Usage:

Put the (possibly edited) template files in some directory outside the webroot (perhaps alongside the content page you are protecting). The "template" files are just plain HTML with embedded shell variables, wrapped in a heredoc. For security reasons these template files should not be web accessible.

Put captcha.cgi where it can be executed by your web server, probably under cgi-bin/.

Edit captcha.cgi. At minimum you need to add your Google reCAPTCHA keys for the host the script is served from; the keys are generated at https://www.google.com/recaptcha/admin/create
Adjust the path for the templates, and the path and name of the content to serve when a reCAPTCHA is solved.

Requirements:

If you really want some requirements please see the next section.

Alternatives:

* PHP
* .NET
* Java
* Perl
  * CPAN is kindly transparent on dependencies
* Python
* Ruby
* ColdFusion
* (Google's forum for people having problems with these...)

Why?

Maintaining a language to import a library or framework to wrap a "Public Web API" (read as "fetch webpage") to replace barely a half page of if okay then hereyago else goaway is just wrong.

Notes:

  • This tool does not send the IP of people using it to Google, but does send a probably unique alternative (hashed) IP instead.
  • This tool neither repeats nor reveals the name of the document served, thus a bookmark is only valid till the symlink is deleted.
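
The two notes above, as an added shell sketch (not code from captcha.cgi): deriving a stand-in address from a salted hash of the client IP, and handing out the content through a random-named symlink that can be expired. The salt, directories, function names and the expiry-in-the-name scheme are assumptions, and `sha256sum` is assumed to be installed.

```shell
#!/bin/sh
# Added sketch, not captcha.cgi itself. The salt, the directories and all
# function names are assumptions made for this example.

# Map a client address to a stable stand-in dotted quad, so the verification
# request carries a per-client value without disclosing the real address.
pseudo_ip() {  # usage: pseudo_ip SALT ADDRESS
    h=$(printf '%s:%s' "$1" "$2" | sha256sum | cut -c1-8)
    printf '%d.%d.%d.%d\n' \
        "0x$(printf '%s' "$h" | cut -c1-2)" "0x$(printf '%s' "$h" | cut -c3-4)" \
        "0x$(printf '%s' "$h" | cut -c5-6)" "0x$(printf '%s' "$h" | cut -c7-8)"
}

# Create a symlink with an unguessable name pointing at the protected file and
# print that name. The name encodes only an expiry time and random bytes, so
# it says nothing about the document it leads to.
publish_link() {  # usage: publish_link CONTENT LINK_DIR TTL_SECONDS [NOW]
    now=${4:-$(date +%s)}
    token=$(od -An -N16 -tx1 /dev/urandom | tr -d ' \n')
    name="$(($now + $3)).$token"
    ln -s "$1" "$2/$name" && printf '%s\n' "$name"
}

# Delete every link whose encoded expiry time has passed; a bookmark to the
# link stops working from that moment on.
expire_links() {  # usage: expire_links LINK_DIR [NOW]
    now=${2:-$(date +%s)}
    for link in "$1"/*.*; do
        [ -L "$link" ] || continue
        expiry=${link##*/}; expiry=${expiry%%.*}
        case $expiry in ''|*[!0-9]*) continue ;; esac
        [ "$expiry" -le "$now" ] && rm -f -- "$link"
    done
    return 0
}
```

The stand-in address is only as private as the salt: with a known or empty salt, the IPv4 space is small enough to enumerate and reverse the mapping.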

Why not?
I am not a security expert, so I'm interested to hear testable theories on how this could be vulnerable.