New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Reset captcha value #375
Reset captcha value #375
Conversation
This will reset the value of the captcha after each sensitive request fixes decred#343
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
discussed on matrix:
If we want to force the user to complete a captcha for every action which sends an email, we dont really need to store
CaptchaDone
in the users session. Rather than flipping it between true/false, we can just assume it is always false
We still needc.Env["CaptchaDone"]
so the template knows whether to draw the captcha or not, but we dont needsession.Values["CaptchaDone"]
at all
Looked at it again. We cant remove For a "proper" fix we need to completely remove |
Discussed further on matrix. Need to set both env and session vars. Also, inside function SettingsPost() we need to set the vars in an Should be good to merge after this. |
Address @jholdstock comments.
Make travis happy.
* commit '3d621efb38e1d969b837bdbc0d7992ed9ac1211f': Reset captcha value (decred#375)
This will reset the the captcha to "false" after each sensitive request.
fixes #343