[Dev] [Servers - Bug #2419] [CAPTCHA] Are you serious?

labs at parabola.nu labs at parabola.nu
Sat Aug 10 17:12:23 GMT 2019

Issue #2419 has been updated by temporaryuser.

Update: the CAPTCHA is easily bypassed by executing the following code in the console:
<pre><code class="javascript">
$('#completed-div').show() ; setTimeout(()=> { location.reload() ; } , 5000) ;

Bug #2419: [CAPTCHA] Are you serious?

* Author: temporaryuser
* Status: unconfirmed
* Priority: bug
* Assignee: 
* Category: 
I have seen the CAPTCHA on registration page. This CAPTCHA is unacceptable.
It _will_ make registration longer. It _will not_ prevent robots from registering on the website.
I have read the source code. CAPTCHAs must not be done this way. Do you really think robots will execute *YOUR* JavaScript? *Never trust the client.* https://labs.parabola.nu/match_game/match_game.js
If you will fix this issue, there are more issues:
Cards are stored here: https://labs.parabola.nu/match_game/assets/cards.png. This image can be used to bypass CAPTCHA.
Directory name is _assets_, which is not allowed by GNU. https://www.gnu.org/philosophy/words-to-avoid.html#Assets
There is '.' after '?' in 'would you?.'.
And, finally, it will be impossible to register without JavaScript, I think.

-- ^^^^ Type your reply above this line ^^^^ --
--     Please keep the 'Subject' as it is    --

You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://labs.parabola.nu/my/account

More information about the Dev mailing list