Mercurial > prosody-modules

comparison mod_register_web/mod_register_web.lua @ 1223:6617f5f79d68

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_register_web: Always use HTTPS to connect to recaptcha's API (thanks hexa)
author Matthew Wild <mwild1@gmail.com>
date Wed, 20 Nov 2013 23:35:45 +0000
parents b9d149936764
children a3766d3baacb
comparison
equal deleted inserted replaced
1222:e3a766045ef6 1223:6617f5f79d68
2 local nodeprep = require "util.encodings".stringprep.nodeprep; 2 local nodeprep = require "util.encodings".stringprep.nodeprep;
3 3
4 function generate_captcha(display_options) 4 function generate_captcha(display_options)
5 return (([[ 5 return (([[
6 <script type="text/javascript" 6 <script type="text/javascript"
7 src="http://www.google.com/recaptcha/api/challenge?k=$$recaptcha_public_key$$"> 7 src="https://www.google.com/recaptcha/api/challenge?k=$$recaptcha_public_key$$">
8 </script> 8 </script>
9 <noscript> 9 <noscript>
10 <iframe src="http://www.google.com/recaptcha/api/noscript?k=$$recaptcha_public_key$$$$recaptcha_display_error$$" 10 <iframe src="https://www.google.com/recaptcha/api/noscript?k=$$recaptcha_public_key$$$$recaptcha_display_error$$"
11 height="300" width="500" frameborder="0"></iframe><br> 11 height="300" width="500" frameborder="0"></iframe><br>
12 <textarea name="recaptcha_challenge_field" rows="3" cols="40"> 12 <textarea name="recaptcha_challenge_field" rows="3" cols="40">
13 </textarea> 13 </textarea>
14 <input type="hidden" name="recaptcha_response_field" 14 <input type="hidden" name="recaptcha_response_field"
15 value="manual_challenge"> 15 value="manual_challenge">
75 end 75 end
76 76
77 function handle_form(event) 77 function handle_form(event)
78 local request, response = event.request, event.response; 78 local request, response = event.request, event.response;
79 local form = http.formdecode(request.body); 79 local form = http.formdecode(request.body);
80 http.request("http://www.google.com/recaptcha/api/verify", { 80 http.request("https://www.google.com/recaptcha/api/verify", {
81 body = http.formencode { 81 body = http.formencode {
82 privatekey = captcha_options.recaptcha_private_key; 82 privatekey = captcha_options.recaptcha_private_key;
83 remoteip = request.conn:ip(); 83 remoteip = request.conn:ip();
84 challenge = form.recaptcha_challenge_field; 84 challenge = form.recaptcha_challenge_field;
85 response = form.recaptcha_response_field; 85 response = form.recaptcha_response_field;