Properly handle captcha signature exceptions
BadSignature is raised is the digest is empty, and SignatureExpired is a descendant of BadSignature so it needs to be handled first.
このコミットが含まれているのは:
コミット
4889449e1f
|
@ -5,7 +5,7 @@ import io
|
|||
from enum import Enum
|
||||
|
||||
from itsdangerous import TimestampSigner
|
||||
from itsdangerous.exc import BadTimeSignature, SignatureExpired
|
||||
from itsdangerous.exc import BadSignature, SignatureExpired
|
||||
from quart import current_app
|
||||
|
||||
CONFIG = current_app.config
|
||||
|
@ -46,10 +46,10 @@ def check_captcha_digest(signer, digest, answer):
|
|||
digest,
|
||||
max_age=CONFIG['CAPTCHA_LIFETIME'],
|
||||
)
|
||||
except BadTimeSignature:
|
||||
result = Answer.BAD
|
||||
except SignatureExpired:
|
||||
result = Answer.EXPIRED
|
||||
except BadSignature:
|
||||
result = Answer.BAD
|
||||
else:
|
||||
try:
|
||||
raw_unsigned_digest = (
|
||||
|
|
読み込み中…
新しいイシューから参照