Properly handle captcha signature exceptions
BadSignature is raised is the digest is empty, and SignatureExpired is a descendant of BadSignature so it needs to be handled first.
このコミットが含まれているのは:
コミット
4889449e1f
|
@ -5,7 +5,7 @@ import io
|
||||||
from enum import Enum
|
from enum import Enum
|
||||||
|
|
||||||
from itsdangerous import TimestampSigner
|
from itsdangerous import TimestampSigner
|
||||||
from itsdangerous.exc import BadTimeSignature, SignatureExpired
|
from itsdangerous.exc import BadSignature, SignatureExpired
|
||||||
from quart import current_app
|
from quart import current_app
|
||||||
|
|
||||||
CONFIG = current_app.config
|
CONFIG = current_app.config
|
||||||
|
@ -46,10 +46,10 @@ def check_captcha_digest(signer, digest, answer):
|
||||||
digest,
|
digest,
|
||||||
max_age=CONFIG['CAPTCHA_LIFETIME'],
|
max_age=CONFIG['CAPTCHA_LIFETIME'],
|
||||||
)
|
)
|
||||||
except BadTimeSignature:
|
|
||||||
result = Answer.BAD
|
|
||||||
except SignatureExpired:
|
except SignatureExpired:
|
||||||
result = Answer.EXPIRED
|
result = Answer.EXPIRED
|
||||||
|
except BadSignature:
|
||||||
|
result = Answer.BAD
|
||||||
else:
|
else:
|
||||||
try:
|
try:
|
||||||
raw_unsigned_digest = (
|
raw_unsigned_digest = (
|
||||||
|
|
読み込み中…
新しいイシューから参照