1 changed files with 0 additions and 205 deletions
@ -1,205 +0,0 @@ |
|||
--- untainted/Gemfile
|
|||
+++ tainted/Gemfile
|
|||
@@ -100,6 +100,8 @@
|
|||
gem 'webpacker', '~> 4.2' |
|||
gem 'webpush' |
|||
|
|||
+gem 'hcaptcha', git: 'https://github.com/firstmoversadvantage/hcaptcha', ref: 'e65246bea49374566a9dbaead59fdb35b46b086d', require: 'hcaptcha/rails'
|
|||
+
|
|||
gem 'json-ld' |
|||
gem 'json-ld-preloaded', '~> 3.1' |
|||
gem 'rdf-normalize', '~> 0.4' |
|||
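Review bot: The added `gem 'hcaptcha'` line pulls code from a GitHub fork rather than a rubygems.org release, and nothing on the line says why that fork was chosen or what was reviewed at the pinned commit. Pinning `ref:` to a full commit SHA is the right call, since Bundler fetches exactly that revision and Gemfile.lock records it. I would add a comment above the line such as `# hcaptcha: git fork pinned to a reviewed commit; re-review the upstream diff before changing ref`, so that a later bump is handled as a code review rather than a routine version change.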
--- untainted/Gemfile.lock
|
|||
+++ tainted/Gemfile.lock
|
|||
@@ -28,6 +28,13 @@
|
|||
specs: |
|||
nilsimsa (1.1.2) |
|||
|
|||
+GIT
|
|||
+ remote: https://github.com/firstmoversadvantage/hcaptcha
|
|||
+ revision: e65246bea49374566a9dbaead59fdb35b46b086d
|
|||
+ ref: e65246bea49374566a9dbaead59fdb35b46b086d
|
|||
+ specs:
|
|||
+ hcaptcha (6.0.1)
|
|||
+
|
|||
GEM |
|||
remote: https://rubygems.org/ |
|||
specs: |
|||
@@ -703,6 +710,7 @@
|
|||
fuubar (~> 2.5) |
|||
goldfinger (~> 2.1) |
|||
hamlit-rails (~> 0.2) |
|||
+ hcaptcha
|
|||
health_check! |
|||
hiredis (~> 0.6) |
|||
htmlentities (~> 4.3) |
|||
--- untainted/app/controllers/admin/dashboard_controller.rb
|
|||
+++ tainted/app/controllers/admin/dashboard_controller.rb
|
|||
@@ -36,6 +36,7 @@
|
|||
@timeline_preview = Setting.timeline_preview |
|||
@spam_check_enabled = Setting.spam_check_enabled |
|||
@trends_enabled = Setting.trends |
|||
+ @hcaptcha_enabled = ENV['HCAPTCHA_ENABLED'] == 'true'
|
|||
end |
|||
|
|||
private |
|||
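Review bot: The comparison `ENV['HCAPTCHA_ENABLED'] == 'true'` is written out here and again in `check_captcha` in auth/registrations_controller.rb and in both registration views, so the feature gate has four independent copies that can drift apart. Evaluating it once, for example `Rails.configuration.x.hcaptcha_enabled = ENV['HCAPTCHA_ENABLED'] == 'true'` in config/initializers/hcaptcha.rb, and reading that value everywhere would keep the form, the verification and this dashboard hint in agreement. The dashboard value also reflects only the switch, not whether real keys are configured, which matters because the initializer in this patch falls back to placeholder keys. The enclosing method starts outside the hunk.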
--- untainted/app/controllers/api/v1/accounts_controller.rb
|
|||
+++ tainted/app/controllers/api/v1/accounts_controller.rb
|
|||
@@ -21,13 +21,14 @@
|
|||
end |
|||
|
|||
def create |
|||
- token = AppSignUpService.new.call(doorkeeper_token.application, account_params)
|
|||
- response = Doorkeeper::OAuth::TokenResponse.new(token)
|
|||
+ not_found
|
|||
+ #token = AppSignUpService.new.call(doorkeeper_token.application, account_params)
|
|||
+ #response = Doorkeeper::OAuth::TokenResponse.new(token)
|
|||
|
|||
- headers.merge!(response.headers)
|
|||
+ #headers.merge!(response.headers)
|
|||
|
|||
- self.response_body = Oj.dump(response.body)
|
|||
- self.status = response.status
|
|||
+ #self.response_body = Oj.dump(response.body)
|
|||
+ #self.status = response.status
|
|||
end |
|||
|
|||
def follow |
|||
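Review bot: `create` now answers `not_found` on every instance, including those where `HCAPTCHA_ENABLED` is unset, and the previous body is kept as commented-out code. Closing the API sign-up path makes sense while the captcha is on, presumably because that path never reaches `check_captcha`, but it should follow the same switch: put `return not_found if ENV['HCAPTCHA_ENABLED'] == 'true'` as the first line and leave the original five statements active below it. If the endpoint is meant to stay closed permanently, delete the dead lines and add a one-line comment saying that API registration is disabled because it cannot present a captcha.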
--- untainted/app/controllers/auth/registrations_controller.rb
|
|||
+++ tainted/app/controllers/auth/registrations_controller.rb
|
|||
@@ -11,6 +11,7 @@
|
|||
before_action :set_body_classes, only: [:new, :create, :edit, :update] |
|||
before_action :require_not_suspended!, only: [:update] |
|||
before_action :set_cache_headers, only: [:edit, :update] |
|||
+ before_action :check_captcha, only: [:create]
|
|||
|
|||
skip_before_action :require_functional!, only: [:edit, :update] |
|||
|
|||
@@ -91,6 +92,15 @@
|
|||
end |
|||
|
|||
private |
|||
+
|
|||
+ def check_captcha
|
|||
+ if ENV['HCAPTCHA_ENABLED'] == 'true' && !verify_hcaptcha
|
|||
+ self.resource = resource_class.new sign_up_params
|
|||
+ resource.validate
|
|||
+ flash[:alert] = Hcaptcha::Helpers.to_error_message(:verification_failed)
|
|||
+ respond_with_navigational(resource) { render :new }
|
|||
+ end
|
|||
+ end
|
|||
|
|||
def set_instance_presenter |
|||
@instance_presenter = InstancePresenter.new |
|||
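Review bot: In `check_captcha` the failure branch sets `flash[:alert]` and then renders `:new` in the same request, so the alert is still in the flash on the next page load; `flash.now[:alert] = Hcaptcha::Helpers.to_error_message(:verification_failed)` scopes it to this response. The method would also read more simply with guard clauses, `return unless ENV['HCAPTCHA_ENABLED'] == 'true'` followed by `return if verify_hcaptcha`. A short comment that rendering inside the `before_action` is what stops `create` from running would help the next reader, since the method has no explicit return. The `captcha_fail` string this patch adds to en.yml is not used here.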
--- untainted/app/javascript/styles/mastodon/forms.scss
|
|||
+++ tainted/app/javascript/styles/mastodon/forms.scss
|
|||
@@ -239,6 +239,9 @@
|
|||
.input:last-child { |
|||
margin-bottom: 0; |
|||
} |
|||
+ .h-captcha {
|
|||
+ text-align: center;
|
|||
+ }
|
|||
} |
|||
|
|||
.fields-row { |
|||
--- untainted/app/views/about/_registration.html.haml
|
|||
+++ tainted/app/views/about/_registration.html.haml
|
|||
@@ -18,6 +18,10 @@
|
|||
.fields-group |
|||
= f.input :agreement, as: :boolean, wrapper: :with_label, label: t('auth.checkbox_agreement_html', rules_path: about_more_path, terms_path: terms_path), disabled: closed_registrations? |
|||
|
|||
+ - if ENV['HCAPTCHA_ENABLED'] == 'true'
|
|||
+ .fields-group
|
|||
+ = hcaptcha_tags
|
|||
+
|
|||
.actions |
|||
= f.button :button, sign_up_message, type: :submit, class: 'button button-primary', disabled: closed_registrations? |
|||
|
|||
--- untainted/app/views/admin/dashboard/index.html.haml
|
|||
+++ tainted/app/views/admin/dashboard/index.html.haml
|
|||
@@ -121,6 +121,8 @@
|
|||
%li |
|||
= feature_hint('PAM', @pam_enabled) |
|||
%li |
|||
+ = feature_hint(t('admin.dashboard.feature_hcaptcha'), @hcaptcha_enabled)
|
|||
+ %li
|
|||
= feature_hint(t('admin.dashboard.hidden_service'), @hidden_service) |
|||
|
|||
.dashboard__widgets__trends |
|||
--- untainted/app/views/auth/registrations/new.html.haml
|
|||
+++ tainted/app/views/auth/registrations/new.html.haml
|
|||
@@ -35,6 +35,10 @@
|
|||
.fields-group |
|||
= f.input :agreement, as: :boolean, wrapper: :with_label, label: whitelist_mode? ? t('auth.checkbox_agreement_without_rules_html', terms_path: terms_path) : t('auth.checkbox_agreement_html', rules_path: about_more_path, terms_path: terms_path) |
|||
|
|||
+ - if ENV['HCAPTCHA_ENABLED'] == 'true'
|
|||
+ .fields-group
|
|||
+ = hcaptcha_tags
|
|||
+
|
|||
.actions |
|||
= f.button :button, @invite.present? ? t('auth.register') : sign_up_message, type: :submit |
|||
|
|||
--- untainted/config/initializers/content_security_policy.rb
|
|||
+++ tainted/config/initializers/content_security_policy.rb
|
|||
@@ -16,27 +16,29 @@
|
|||
media_host ||= host_to_url(ENV['S3_HOSTNAME']) if ENV['S3_ENABLED'] == 'true' |
|||
media_host ||= assets_host |
|||
|
|||
+hcaptcha_hosts = ["https://hcaptcha.com", "https://*.hcaptcha.com"]
|
|||
+
|
|||
Rails.application.config.content_security_policy do |p| |
|||
p.base_uri :none |
|||
p.default_src :none |
|||
p.frame_ancestors :none |
|||
p.font_src :self, assets_host |
|||
p.img_src :self, :https, :data, :blob, assets_host |
|||
- p.style_src :self, assets_host
|
|||
+ p.style_src :self, assets_host, *hcaptcha_hosts
|
|||
p.media_src :self, :https, :data, assets_host |
|||
- p.frame_src :self, :https
|
|||
+ p.frame_src :self, :https, *hcaptcha_hosts
|
|||
p.manifest_src :self, assets_host |
|||
|
|||
if Rails.env.development? |
|||
webpacker_urls = %w(ws http).map { |protocol| "#{protocol}#{Webpacker.dev_server.https? ? 's' : ''}://#{Webpacker.dev_server.host_with_port}" } |
|||
|
|||
p.connect_src :self, :data, :blob, assets_host, media_host, Rails.configuration.x.streaming_api_base_url, *webpacker_urls |
|||
- p.script_src :self, :unsafe_inline, :unsafe_eval, assets_host
|
|||
+ p.script_src :self, :unsafe_inline, :unsafe_eval, assets_host, *hcaptcha_hosts
|
|||
p.child_src :self, :blob, assets_host |
|||
p.worker_src :self, :blob, assets_host |
|||
else |
|||
p.connect_src :self, :data, :blob, assets_host, media_host, Rails.configuration.x.streaming_api_base_url |
|||
- p.script_src :self, assets_host
|
|||
+ p.script_src :self, assets_host, *hcaptcha_hosts
|
|||
p.child_src :self, :blob, assets_host |
|||
p.worker_src :self, :blob, assets_host |
|||
end |
|||
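Review bot: `hcaptcha_hosts` is added to `script_src` and `style_src` unconditionally, so instances that never enable the captcha still allow scripts and styles from `https://*.hcaptcha.com`. Building the list from the switch, `hcaptcha_hosts = ENV['HCAPTCHA_ENABLED'] == 'true' ? ['https://hcaptcha.com', 'https://*.hcaptcha.com'] : []`, keeps the policy unchanged when the feature is off. The entries on `frame_src` are redundant because that directive already allows `:https`. `connect_src` is not extended in either branch; if the widget issues requests to hcaptcha.com from the page itself it would need the hosts too, which this hunk does not show. The policy block closes outside the hunk.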
--- /dev/null
|
|||
+++ tainted/config/initializers/hcaptcha.rb
|
|||
@@ -0,0 +1,5 @@
|
|||
+Hcaptcha.configure do |config|
|
|||
+ config.site_key = ENV.fetch('HCAPTCHA_SITE_KEY') { '10000000-ffff-ffff-ffff-000000000001' }
|
|||
+ config.secret_key = ENV.fetch('HCAPTCHA_SECRET_KEY') { '0x0000000000000000000000000000000000000000' }
|
|||
+end
|
|||
+
|
|||
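Review bot: Both `ENV.fetch` fallbacks match the key pair hCaptcha documents for integration testing, so an instance with `HCAPTCHA_ENABLED=true` and a missing or misspelled key variable boots normally and, with test keys, is expected to accept every response rather than protect registration. When the switch is on the keys should be mandatory: `config.site_key = ENV.fetch('HCAPTCHA_SITE_KEY')` and `config.secret_key = ENV.fetch('HCAPTCHA_SECRET_KEY')` raise `KeyError` at boot instead of failing open. The placeholder values can stay for the disabled case, with a comment marking them as test keys that must never back a live sign-up form.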
--- untainted/config/locales/en.yml
|
|||
+++ tainted/config/locales/en.yml
|
|||
@@ -324,6 +324,7 @@
|
|||
backlog: backlogged jobs |
|||
config: Configuration |
|||
feature_deletions: Account deletions |
|||
+ feature_hcaptcha: hCaptcha
|
|||
feature_invites: Invite links |
|||
feature_profile_directory: Profile directory |
|||
feature_registrations: Registrations |
|||
@@ -535,6 +536,8 @@
|
|||
deletion: |
|||
desc_html: Allow anyone to delete their account |
|||
title: Open account deletion |
|||
+ errors:
|
|||
+ captcha_fail: Captcha verification failed
|
|||
min_invite_role: |
|||
disabled: No one |
|||
title: Allow invitations by |