Update captcha.go
Captcha must be deleted if the user entered a "challenge" with a different length than the captcha.
Showing
1 changed file
with
5 additions
and
1 deletions
| ... | @@ -200,7 +200,7 @@ func (c *Captcha) Verify(id string, challenge string) (success bool) { | ... | @@ -200,7 +200,7 @@ func (c *Captcha) Verify(id string, challenge string) (success bool) { |
| 200 | 200 | ||
| 201 | key := c.key(id) | 201 | key := c.key(id) |
| 202 | 202 | ||
| 203 | if v, ok := c.store.Get(key).([]byte); ok && len(v) == len(challenge) { | 203 | if v, ok := c.store.Get(key).([]byte); ok { |
| 204 | chars = v | 204 | chars = v |
| 205 | } else { | 205 | } else { |
| 206 | return | 206 | return |
| ... | @@ -211,6 +211,9 @@ func (c *Captcha) Verify(id string, challenge string) (success bool) { | ... | @@ -211,6 +211,9 @@ func (c *Captcha) Verify(id string, challenge string) (success bool) { |
| 211 | c.store.Delete(key) | 211 | c.store.Delete(key) |
| 212 | }() | 212 | }() |
| 213 | 213 | ||
| 214 | if len(chars) != len(challenge) { | ||
| 215 | return | ||
| 216 | } | ||
| 214 | // verify challenge | 217 | // verify challenge |
| 215 | for i, c := range chars { | 218 | for i, c := range chars { |
| 216 | if c != challenge[i]-48 { | 219 | if c != challenge[i]-48 { |
| ... | @@ -221,6 +224,7 @@ func (c *Captcha) Verify(id string, challenge string) (success bool) { | ... | @@ -221,6 +224,7 @@ func (c *Captcha) Verify(id string, challenge string) (success bool) { |
| 221 | return true | 224 | return true |
| 222 | } | 225 | } |
| 223 | 226 | ||
| 227 | |||
| 224 | // create a new captcha.Captcha | 228 | // create a new captcha.Captcha |
| 225 | func NewCaptcha(urlPrefix string, store cache.Cache) *Captcha { | 229 | func NewCaptcha(urlPrefix string, store cache.Cache) *Captcha { |
| 226 | cpt := &Captcha{} | 230 | cpt := &Captcha{} | ... | ... |
-
Please register or sign in to post a comment