Contributed by email.

Update README.md

This makes Server support Range request, fixing issue with Safari not
playing audio.

See
https://github.com/dchest/uniuri/commit/2e215562f605dacd124f15eb89523bdc32da3a41

This fixes panic due in PRNG "invalid argument to Intn" due to
requesting random number with no range (0).

WARNING: introduces API incompatibility!

This package generates captcha representations on-the-fly; for instance,
if captcha solution was "123456", every call to NewImage() using this
sequence of digits would generate a different random image containing
"123456"; similarly, NewAudio() would generate a different audio
pronouncing the same sequence: 1, 2, 3, 4, 5, 6.

If a user, instead of storing generated outputs, exposes this
functionality from their server, which is the default and recommended
behaviour, an attacker could try loading the same image or audio over
and over again in attempt to arrive at the most correct optical/voice
recognition result.

Instead of using a global non-deterministic pseudorandom number
generator to distort images and audio, this commit introduces a
deterministic PRNG for each image/audio. This PRNG uses a combination of
a global secret key (generated once during initialization from a system
CSPRNG) and captcha id and solution to produce pseudorandom numbers for
each representation deterministically. Thus, calling NewImage() with the
same captcha id and solution at different times will result in the same
image (ditto for NewAudio).

To make results unique not only for different solutions, but also for
ids, these incompatible changes to public API have been introduced:

NewImage and NewAudio changed from:

  func NewImage(digits []byte, width, height int) *Image
  func NewAudio(digits []byte, lang string) *Audio

to:

  func NewImage(id string, digits []byte, width, height int) *Image
  func NewAudio(id string, digits []byte, lang string) *Audio

That is, they now accept an additional captcha `id` argument.
No other interfaces changed.

Described changes also improved performance of generating captchas.

Fix typo.

Instead of writing directly via png.Encode, encode image
into a buffer first, then write the whole buffer.

~~~
This commit is brought to you by:

http://blog.oleganza.com
Must-have source of knowledge about Bitcoin.
~~~

(Sponsor my commits! https://github.com/dchest/commit-ads)

Go weekly 2012-02-07.

Example is now capexample.
To build helper tools:

   cd capexample && go install
   cd capgen && go install

This will install tools capexample and cangen into $GOPATH/bin.

sounds.go doesn't have a copyright header, because the file is generated
by a program. I don't want to make it output the copyright header,
because users can generate sounds themselves, and the copyright status
of such generated files can be different.