This repository has been archived by the owner on Dec 1, 2023. It is now read-only.
Verify captcha throws bad request if captcha not enabled #920
Comments
|
This should be top priority ! For me user registration and comments are not working because of mandatory google captchas. This is a complete blocker issues, for me the CMS is unusable if googleCaptchas are required. |
|
Yeah, currently you are forced to use Captcha with the CMS; otherwise as before mentioned, things like submit comments or registration don't work, because you do that when you are not authenticated. @MalteScharenberg You created the captcha and for you, as you are familiar with it, you could fix it very fast. I wrote a quick fix ( one way to do). I simply check, if a captcha config value is not set. If it finds falsy configs, the verify option gets disabled. 'events' => [
// captcha bug fix (occurs in Pagekit v1.0.15)
'request' => [function ($event, $request) use ($app) {
if ($request->attributes->has('_captcha_verify') && 0 < count(Arr::filter($app->config('system/captcha')->toArray(), function ($val) { return !$val; }))) {
$request->attributes->set('_captcha_verify', false);
}
}, -90],
] |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Problem
The pagekit 1.0.15 update introducing captcha has a problem. If you apply the @captcha(verify=true) on a route and the captcha is disabled & client is not authenticated, every request will fail.
It's a logic error in the code. The first if should also check, if the captcha is configured! Currently every route which enforces verification will throw 400 if captcha disabled. At loading scripts (in the onScripts function) this is taken into account.
Problems arises when submitting comments anonymously.
Technical Details
The text was updated successfully, but these errors were encountered: