docs: fix typos

This commit is contained in:
Tiago
2025-05-30 17:52:07 +01:00
parent 2c677fa656
commit 0f29f1fe99
10 changed files with 18 additions and 21 deletions
+2 -2
View File
@@ -26,11 +26,11 @@ Not only is Cap significantly smaller and faster than reCAPTCHA, it's open-sourc
### hCAPTCHA
Pretty much the same as reCAPTCHA, altough hCAPTCHA is significantly more secure. Personally it's the best alternative to Cap, even though the widget's bundle size alone is significantly bigger.
Pretty much the same as reCAPTCHA, although hCAPTCHA is significantly more secure. Personally it's the best alternative to Cap, even though the widget's bundle size alone is significantly bigger.
Fun fact about hCAPTCHA, an attacker can easily solve it for $1.05/1k results while *you* (the site owner) need to pay hCAPTCHA $1/1k solves just for the captcha, even if the content behind the captcha doesn't cost you anything.
Imagine if anyone could drain $100 dollars from your back account just by knowing your name and paying $105 - pretty scary, right?
Imagine if anyone could drain $100 dollars from your bank account just by knowing your name and paying $105 - pretty scary, right?
### Altcha
+1 -3
View File
@@ -73,6 +73,4 @@ console.log(command); // bunx '@cap.js/cli' e455cea65e98b:dceb fb8d25f6abac:93f1
```
> [!NOTE]
> The code above doesn't validate if the challenges are valid and not potentially malicious. If you're getting the challenge list from an untrusted source, make sure to validate it before giving them to the user.
Here's a simple <a href="https://cap-cli-challenges.glitch.me/" target="_blank">Glitch app</a> that generates and validats challenges for you. You can use it to test the CLI and see how it works.
> The code above doesn't validate if the challenges are valid and not potentially malicious. If you're getting the challenge list from an untrusted source, make sure to validate it before giving them to the user.
+1 -1
View File
@@ -13,7 +13,7 @@ By default, Cap's server library uses the following defaults:
## Why Proof-of-work?
Every CAPTCHA can eventually be solved, whether by AIs, algorithms or humans paid via CAPTCHA farms — this results in an endless cat and mouse game between attackers and defenders. The crucial difference lies in the _cost_ imposed on attackers.
Every CAPTCHA can eventually be solved, whether by AIs, algorithms or humans paid via CAPTCHA farms — this results in an endless cat-and-mouse game between attackers and defenders. The crucial difference lies in the _cost_ imposed on attackers.
Cap's goal is to make automated abuse expensive while keeping the experience fast and virtually invisible for real users. PoW is a perfect balance for this issue, stopping abuse by requiring computational effort rather than relying solely on human verification methods that bots continuously learn to mimic.
+1 -1
View File
@@ -1,6 +1,6 @@
# Floating mode
Cap can automatically hide the CAPTCHA until a button is pressed. To use this, add the `data-cap-floating` attribute to the Cap widget with the query selector of the `cap-widget` element you want to use.
Cap can automatically hide the CAPTCHA until a button is pressed. To use this, add the `data-cap-floating` attribute to your trigger with the query selector of the `cap-widget` element you want to use.
```html
<cap-widget
+4 -5
View File
@@ -10,7 +10,7 @@ outline: deep
- **Server-side library:** At least Node 14. Most modern Bun or Deno versions should work too. If you're using Glitch, make sure to set Node 14 or higher in your `engines` field in `package.json`. If you don't use a JavaScript runtime, consider using the [Standalone](standalone.md) server.
- **Client-side widget:** All modern browsers should be supported. A [compatibility version](widget.md#compatibility-version) is available too.
- **Client-side widget:** All modern browsers should be supported
## Client-side
@@ -29,7 +29,7 @@ Start by adding importing the Cap widget library from a CDN:
:::
::: warning
We're using the latest version of the library here for keeping stuff simple, but you should optimally pin a specific version to avoid breaking changes in the future.
We're using the latest version of the library here for simplicity, but you should optimally pin a specific version to avoid breaking changes in the future.
:::
Next, add the `<cap-widget>` component to your HTML.
@@ -82,7 +82,7 @@ pnpm i @cap.js/server
:::
::: tip
It is recommended to use at least Node.js 14 or Bun 1.0.0. You might experience multiple issues on older versions of these runtimes.
It is recommended to use at least Node.js 14 or Bun 1.0.0. You might experience multiple issues on older versions of these runtimes.
Additionally, always assume that Cap might fail to protect you. **Always** add extra security measures such as ratelimits. It's also important to keep in mind that Cap doesn't stop potential vulnerabilities in your app.
:::
@@ -219,7 +219,6 @@ await cap.validateToken("..."); // returns { success: Boolean }
Note that the token will immediately be deleted after this. To prevent this, use `await cap.validateToken("...", { keepToken: true })`.
## LLMs
You can use this documentaton's [llms.txt](/llms.txt) or [llms-full.txt](/llms-full.txt) (~8k tokens) to give to LLMs. Note that Cap is **not vibe-coded**
You can use this documentation's [llms.txt](/llms.txt) or [llms-full.txt](/llms-full.txt) (~8k tokens) to give to LLMs. Note that Cap is **not vibe-coded**
+1 -1
View File
@@ -35,7 +35,7 @@ Creates a new Cap instance. If a 2nd argument is provided, it will use that elem
**Arguments**
```json
{
apiEndpoint: ..., // api endpoint, similiar to the widget `data-cap-api-endpoint` attribute
apiEndpoint: ..., // api endpoint, similar to the widget `data-cap-api-endpoint` attribute
workers: navigator.hardwareConcurrency || 8 // number of worker threads to use
}
```
+2 -2
View File
@@ -1,6 +1,6 @@
# About checkpoints/Middlewares
# About checkpoints
Cap's Checkpoints allow you to replicate Cloudflare's browser check interstitial. This helps prevent all bots, and automated abuse before they ever reach your website, not only submitting forms.
Cap's Checkpoints (previously known as middlewares) allow you to replicate Cloudflare's browser check interstitial. This helps prevent bots, LLMs and automated abuse from ever reaching your website.
They're extremely simple to set up and use, with you only having to add a few lines of code to your server, unlike moving your entire website over to cloudflare.
+2 -2
View File
@@ -10,6 +10,6 @@ Cap is designed around a few core ideas:
- **User-first** — designed to be unintrusive and accessible, with invisible and floating modes.
- **Self-hostable, not centralized** — you control the infra, tokens, and behavior.
By using proof-of-work instead of user behavior analysis, Cap shifts the burden from identity to computation. That means anyone can prove theyre human — no cookies, no accounts, no friction.
By using proof-of-work instead of user behavior analysis, Cap shifts the burden from identity to computation. That means anyone can prove they're human — no cookies, no accounts, no friction.
Cap is what a CAPTCHA shouldve been all along: **simple, honest, and yours.**
Cap is what a CAPTCHA should've been all along: **simple, honest, and yours.**
+2 -2
View File
@@ -41,7 +41,7 @@ console.log(await solver(CHALLENGES));
## FAQ
### Why is this needed?
Mainly for M2M interactions, where you want to solve Cap challenges in the server without user interaction.
Mainly for M2M interactions, where you want to solve Cap challenges on the server without user interaction.
### Doesn't this defeat the purpose of Cap?
Not really. Server-side solving is a core use case of proof-of-work CAPTCHAs like Cap or altcha. Its about proving effort, not necessarily involving a human. [Learn more](./effectiveness.md#why-you-might-not-want-to-use-this)
Not really. Server-side solving is a core use case of proof-of-work CAPTCHAs like Cap or altcha. It's about proving effort, not necessarily involving a human. [Learn more](./effectiveness.md)
+2 -2
View File
@@ -22,7 +22,7 @@
:::
::: warning
We're using the latest version of the library here for keeping stuff simple, but you should optimally pin a specific version to avoid breaking changes in the future.
We're using the latest version of the library here for simplicity, but you should optimally pin a specific version to avoid breaking changes in the future.
:::
You can now use the `<cap-widget>` component in your HTML.
@@ -62,7 +62,7 @@ The following custom events are supported:
- `solve`: Triggered when the token is generated.
- `error`: Triggered when an error occurs.
- `reset`: Triggered when the widget is reset.
- `progress`: Triggered when the there's a progress update while in verification.
- `progress`: Triggered when there's a progress update while in verification.
## i18n