changeset 1223:6617f5f79d68

mod_register_web: Always use HTTPS to connect to recaptcha's API (thanks hexa)
author Matthew Wild <mwild1@gmail.com>
date Wed, 20 Nov 2013 23:35:45 +0000
parents e3a766045ef6
children 0b72b8fe4591
files mod_register_web/mod_register_web.lua
diffstat 1 files changed, 3 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/mod_register_web/mod_register_web.lua	Tue Nov 05 14:33:41 2013 -0500
+++ b/mod_register_web/mod_register_web.lua	Wed Nov 20 23:35:45 2013 +0000
@@ -4,10 +4,10 @@
 function generate_captcha(display_options)
 	return (([[
 		<script type="text/javascript"
-     		src="http://www.google.com/recaptcha/api/challenge?k=$$recaptcha_public_key$$">
+     		src="https://www.google.com/recaptcha/api/challenge?k=$$recaptcha_public_key$$">
   		</script>
   		<noscript>
-     		<iframe src="http://www.google.com/recaptcha/api/noscript?k=$$recaptcha_public_key$$$$recaptcha_display_error$$"
+     		<iframe src="https://www.google.com/recaptcha/api/noscript?k=$$recaptcha_public_key$$$$recaptcha_display_error$$"
          		height="300" width="500" frameborder="0"></iframe><br>
      		<textarea name="recaptcha_challenge_field" rows="3" cols="40">
      		</textarea>
@@ -77,7 +77,7 @@
 function handle_form(event)
 	local request, response = event.request, event.response;
 	local form = http.formdecode(request.body);
-	http.request("http://www.google.com/recaptcha/api/verify", {
+	http.request("https://www.google.com/recaptcha/api/verify", {
 		body = http.formencode {
 			privatekey = captcha_options.recaptcha_private_key;
 			remoteip = request.conn:ip();