michael/pyfedi
1
0
Fork 0
mirror of https://codeberg.org/rimu/pyfedi synced 2025-01-23 11:26:56 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

make recaptcha work with nonce

Browse source
This commit is contained in:
rimu 2024-01-05 11:56:18 +13:00
parent 9424f41d87
commit a2aee59e7f
4 changed files with 16 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
app/auth/recaptcha3.py
View file

@ -1,6 +1,6 @@
import logging import logging
import requests import requests
from flask import Markup, current_app, request from flask import Markup, current_app, request, session
from wtforms import ValidationError from wtforms import ValidationError
from wtforms.fields import HiddenField from wtforms.fields import HiddenField
from wtforms.widgets import HiddenInput from wtforms.widgets import HiddenInput
@ -8,8 +8,8 @@ from wtforms.widgets import HiddenInput
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
RECAPTCHA_TEMPLATE = ''' RECAPTCHA_TEMPLATE = '''
<script src='https://www.google.com/recaptcha/api.js?render={public_key}&onload=executeRecaptcha{action}' async defer></script> <script src='https://www.google.com/recaptcha/api.js?render={public_key}&onload=executeRecaptcha{action}' async defer nonce={nonce}></script>
<script> <script nonce={nonce}>
var executeRecaptcha{action} = function() {{ var executeRecaptcha{action} = function() {{
console.log("grecaptcha is ready!"); console.log("grecaptcha is ready!");
grecaptcha.execute('{public_key}', {{action: '{action}'}}).then(function(token) {{ grecaptcha.execute('{public_key}', {{action: '{action}'}}).then(function(token) {{
@ -22,8 +22,8 @@ RECAPTCHA_TEMPLATE = '''
''' '''
RECAPTCHA_TEMPLATE_MANUAL = ''' RECAPTCHA_TEMPLATE_MANUAL = '''
<script src='https://www.google.com/recaptcha/api.js?render={public_key}' async defer></script> <script src='https://www.google.com/recaptcha/api.js?render={public_key}' async defer nonce={nonce}></script>
<script> <script nonce={nonce}>
var executeRecaptcha{action} = function() {{ var executeRecaptcha{action} = function() {{
console.log("executeRecaptcha{action}() is called!"); console.log("executeRecaptcha{action}() is called!");
grecaptcha.ready(function() {{ grecaptcha.ready(function() {{
@ -113,7 +113,7 @@ class Recaptcha3Widget(HiddenInput):
return Markup( return Markup(
(RECAPTCHA_TEMPLATE if field.execute_on_load else RECAPTCHA_TEMPLATE_MANUAL).format( (RECAPTCHA_TEMPLATE if field.execute_on_load else RECAPTCHA_TEMPLATE_MANUAL).format(
public_key=public_key, action=field.action, field_name=field.name)) public_key=public_key, action=field.action, field_name=field.name, nonce=session['nonce']))
class Recaptcha3Field(HiddenField): class Recaptcha3Field(HiddenField):

3
app/static/structure.css
View file

@ -523,8 +523,7 @@ fieldset legend {
.url_thumbnail { .url_thumbnail {
float: right; float: right;
margin-top: 6px; margin-top: -6px;
margin-right: 6px;
} }
.post_image img { .post_image img {

3
app/static/structure.scss
View file

@ -197,8 +197,7 @@ nav, etc which are used site-wide */
.url_thumbnail { .url_thumbnail {
float: right; float: right;
margin-top: 6px; margin-top: -6px;
margin-right: 6px;
} }
.post_image { .post_image {

9
interests.txt
View file

@ -45,7 +45,7 @@ gaming
https://lemmy.world/c/linux_gaming https://lemmy.world/c/linux_gaming
https://lemmy.world/c/pcgaming https://lemmy.world/c/pcgaming
https://lemmy.world/c/diablo https://lemmy.world/c/diablo
https://beehaw.org/c/gaming https://sopuli.xyz/c/steamdeck
interesting stuff interesting stuff
https://kbin.social/m/science https://kbin.social/m/science
@ -169,3 +169,10 @@ health
https://lemmy.world/c/health https://lemmy.world/c/health
https://lemmy.ml/c/health https://lemmy.ml/c/health
https://mander.xyz/c/medicine https://mander.xyz/c/medicine
music
https://sopuli.xyz/c/hiphopheads
https://lemmy.world/c/classicrock
https://lemmy.world/c/90smusic
https://lemmy.world/c/alternativenation
https://lemmy.world/c/music