add fake captcha fields

This commit is contained in:
b1ek 2023-04-17 15:23:10 +10:00
parent 6cbb91062f
commit c9e9debd70
Signed by: blek
GPG Key ID: 14546221E3595D0C
2 changed files with 15 additions and 4 deletions

View File

@ -11,7 +11,15 @@ async function index(req, res) {
req.session.captcha = crypto.randomBytes(8).toString('base64').substring(0, 6); req.session.captcha = crypto.randomBytes(8).toString('base64').substring(0, 6);
} }
req.session.captcha_input = crypto.randomBytes(8).toString('base64').substring(0,10); req.session.captcha_input = crypto.randomBytes(8).toString('base64').substring(0,crypto.randomInt(10,16));
let fake_fields = [];
const n = crypto.randomInt(10,20);
for (let i = 0; i != n; i++) {
fake_fields.push(crypto.randomBytes(8).toString('base64').substring(0,crypto.randomInt(10,16)))
}
req.session.fake_fields = fake_fields;
if (!req.session.csrf) if (!req.session.csrf)
req.session.csrf = crypto.randomBytes(10).toString('base64'); req.session.csrf = crypto.randomBytes(10).toString('base64');

View File

@ -7,14 +7,17 @@ block content
- var exceeded = submitted >= process.env.MAXFILES - var exceeded = submitted >= process.env.MAXFILES
form(action='/upload' method='POST') form(action='/upload' method='POST')
input(type='hidden' name='_csrf' value=req.session.csrf) input(type='hidden' name='_csrf' value=req.session.csrf)
p(align='center') p(align='center' style='padding-bottom:10px')
textarea(name='text' class='data' placeholder='Put your text in here!' + (maxlen ? ` (Max length is ${maxlen} bytes)` : '')) textarea(name='text' class='data' placeholder='Put your text in here!' + (maxlen ? ` (Max length is ${maxlen} bytes)` : ''))= req.session.last_text
br br
if (!exceeded) if (!exceeded)
br br
| Captcha: | Captcha:
br br
input(type='text' name=req.session.captcha_input) input(type='text' name=req.session.captcha_input style='font-family:monospace;text-align:center;padding:8px 0')
div(style='display:flex;dispaly:box;display:none')
each field in req.session.fake_fields
input(type='text' name=field style='font-family:monospace;text-align:center')
if (!exceeded) if (!exceeded)
+captcha(req.session.captcha) +captcha(req.session.captcha)
p(align='center' style='padding-bottom:10px') p(align='center' style='padding-bottom:10px')