mirror of
https://github.com/lunaisnotaboy/mastodon.git
synced 2024-12-02 19:44:12 +00:00
1b493c9fee
Fixes #1649 This requires setting `HCAPTCHA_SECRET_KEY` and `HCAPTCHA_SITE_KEY`, then enabling the admin setting at `/admin/settings/edit#form_admin_settings_captcha_enabled` Subsequently, a hCaptcha widget will be displayed on `/about` and `/auth/sign_up` unless: - the user is already signed-up already - the user has used an invite link - the user has already solved the captcha (and registration failed for another reason) The Content-Security-Policy headers are altered automatically to allow the third-party hCaptcha scripts on `/about` and `/auth/sign_up` following the same rules as above. |
||
---|---|---|
.. | ||
account_controller_concern.rb | ||
account_owned_concern.rb | ||
accountable_concern.rb | ||
authorization.rb | ||
cache_concern.rb | ||
captcha_concern.rb | ||
challengable_concern.rb | ||
export_controller_concern.rb | ||
localized.rb | ||
rate_limit_headers.rb | ||
registration_spam_concern.rb | ||
session_tracking_concern.rb | ||
sign_in_token_authentication_concern.rb | ||
signature_authentication.rb | ||
signature_verification.rb | ||
status_controller_concern.rb | ||
theming_concern.rb | ||
two_factor_authentication_concern.rb | ||
user_tracking_concern.rb |