From 3a6abf222f10280a7598a6561f7ccfa276761b63 Mon Sep 17 00:00:00 2001
From: Marc Anguera <srmarc.ai@gmail.com>
Date: Sun, 17 Mar 2024 19:43:50 +0100
Subject: [PATCH] [IP spinner] mark as spam requests with no spinner value
 (#134)

---
 lib/invisible_captcha/controller_ext.rb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/invisible_captcha/controller_ext.rb b/lib/invisible_captcha/controller_ext.rb
index f39f972..4d240d7 100644
--- a/lib/invisible_captcha/controller_ext.rb
+++ b/lib/invisible_captcha/controller_ext.rb
@@ -23,6 +23,7 @@ def detect_spam(options = {})
         on_timestamp_spam(options)
         return if performed?
       end
+
       if honeypot_spam?(options) || spinner_spam?
         on_spam(options)
       end
@@ -75,7 +76,7 @@ def timestamp_spam?(options = {})
     end
 
     def spinner_spam?
-      if InvisibleCaptcha.spinner_enabled && params[:spinner] != session[:invisible_captcha_spinner]
+      if InvisibleCaptcha.spinner_enabled && (params[:spinner].blank? || params[:spinner] != session[:invisible_captcha_spinner])
         warn_spam("Spinner value mismatch")
         return true
       end