/* SoftCrow.Razor.Captcha — package stylesheet (DesignAesthetic §10).
   Consumers must add:
   <link rel="stylesheet" href="_content/SoftCrow.Razor.Captcha/css/softcrow-captcha.css" />

   Without it the honeypot decoy field is VISIBLE to real users, who will either fill it in (and be
   silently rejected) or be confused by it. The link is not optional.

   Override points:
     --sc-captcha-margin        vertical margin around the widget (default 0.75rem)
     --sc-captcha-min-height    reserved height, preventing layout shift as the widget loads */

.sc-captcha-root {
    --sc-captcha-margin: 0.75rem;
    --sc-captcha-min-height: 65px;
}

.sc-captcha-root .sc-captcha-widget {
    /* Turnstile's normal-size widget is 65px tall. Reserving the space stops the submit button
       jumping down as the iframe arrives. */
    min-height: var(--sc-captcha-min-height);
    margin-block: var(--sc-captcha-margin);
}

/* The decoy input. Off-screen positioning rather than display:none or visibility:hidden, both of
   which the current bot generation checks for and skips — the whole point is that a bot fills it.
   Screen-reader and keyboard users are kept out by aria-hidden and tabindex="-1" on the markup:
   blocking a real human is a worse outcome than missing a bot. */
.sc-captcha-root .sc-captcha-honeypot {
    position: absolute;
    left: -9999px;
    top: auto;
    width: 1px;
    height: 1px;
    overflow: hidden;
}
