Captcha check won't work when Cookies are disabled
36 views
Skip to first unread message
Dmitry A.
Jan 27, 2011, 11:28:53 PM1/27/11
to in-port...@googlegroups.com
Hi guys,
To replicate please disable the Cookies via Firebug and try posting to the form with Captcha, but make sure there is NO SID in your URL query.
There seems to be a bug when Captcha security image check won't work when Browser Cookies are disabled. Current code validation doesn't seem to properly since we are not set Error Status in the called Event rather just call SetError method of the object.
To replicate please disable the Cookies via Firebug and try posting to the form with Captcha, but make sure there is NO SID in your URL query.
Please find the task and patch attached for review.
983: Captcha check won't work when Cookies are disabled
Alex, I would appreciate if you can look into this and post your opinion since there might be some issues in other places where we depend on the cookie.
DA
Dmitry A.
Feb 2, 2011, 9:05:02 PM2/2/11
to in-port...@googlegroups.com
Hi Alex,
I know you have mentioned there might be something else causing this issue.
Would you please check on your end how it all goes?
DA
Alexander Obuhovich
Feb 3, 2011, 2:33:19 AM2/3/11
to in-port...@googlegroups.com
I'll do so, when I'll have the time. Right now I have too much to do.
--
Best Regards,
http://www.in-portal.com
http://www.alex-time.com
Initial patch inspection discovered this:
- kDBItem::SetError sets an error to and $object, associated with given $event (that's ok)
- however it seems, that kDBItem::Validate method that is called after that (in method, who uses CaptchaHelper) doesn't seem to respect that to set $event->status = erFAIL;
DA--
You received this message because you are subscribed to the Google Groups "In-Portal Bugs Team" group.
To post to this group, send email to in-port...@googlegroups.com.
To unsubscribe from this group, send email to in-portal-bug...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/in-portal-bugs?hl=en.
--
Best Regards,
http://www.in-portal.com
http://www.alex-time.com
Alexander Obuhovich
Mar 13, 2011, 8:55:12 AM3/13/11
to in-port...@googlegroups.com
Dmitry, please provide a test script that I can use to duplicate a problem, e.g. script that does curl request to registration template without captcha code and succeeds.
Dmitry A.
Mar 13, 2011, 7:15:10 PM3/13/11
to in-port...@googlegroups.com
Actually, I did NOT have a script and was testing like this:
1. Disable the Cookies via Firebug.
2. Posting to the form with Captcha (ie. Contact Us), but make sure there is NO SID in your URL query. As you know SID is added automatically to all URLs once In-Portal determines that Cookies are OFF, so the point is to be on the Form already.
Let me know if it makes sense to you.
DA
Alexander Obuhovich
Mar 14, 2011, 3:06:33 AM3/14/11
to in-port...@googlegroups.com
What about user registration form? Did captcha failed to work there too OR just only on contact us form?
DA--
You received this message because you are subscribed to the Google Groups "In-Portal Bugs Team" group.
To post to this group, send email to in-port...@googlegroups.com.
To unsubscribe from this group, send email to in-portal-bug...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/in-portal-bugs?hl=en.
Dmitry A.
Mar 14, 2011, 11:41:24 AM3/14/11
to in-port...@googlegroups.com
Strange, but I can't replicate the same issue on User Registration.
I know it did NOT work on the Poll Comments Captacha too. May be it's for sub-items.
I'll be running more tests on this.
DA
Alexander Obuhovich
Mar 14, 2011, 1:32:21 PM3/14/11
to in-port...@googlegroups.com
So maybe captcha helper isn't correctly used on all forms except user registration?
And you are 100% sure that it doesn't work on "Contact Us" form.
--
You received this message because you are subscribed to the Google Groups "In-Portal Bugs Team" group.
To post to this group, send email to in-port...@googlegroups.com.
To unsubscribe from this group, send email to in-portal-bug...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/in-portal-bugs?hl=en.
Alexander Obuhovich
Jul 20, 2012, 12:46:10 PM7/20/12
to in-port...@googlegroups.com
Ping to Dmitry.
Are you sure this is happening at all?
Alexander Obuhovich
Aug 7, 2012, 8:53:03 AM8/7/12
to in-port...@googlegroups.com
Ping 2. See previous ping for more info.
Dmitry A.
Oct 18, 2012, 11:39:23 PM10/18/12
to in-port...@googlegroups.com
Hi Alex,
After some additional time I wasn't able to replicate this now.
I think we can retire this post for now are open if necessary.
DA
Alexander Obuhovich
Oct 22, 2012, 11:13:27 AM10/22/12
to in-port...@googlegroups.com
Agreed.
I even closed associated task with "unable to reproduce" status to make it even more obvious later if we come back to it.
To view this discussion on the web visit https://groups.google.com/d/msg/in-portal-bugs/-/HBHamxq42OsJ.
To post to this group, send email to in-port...@googlegroups.com.
To unsubscribe from this group, send email to in-portal-bug...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/in-portal-bugs?hl=en.
Reply all
Reply to author
Forward
0 new messages