Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

What if the users browser has JS turned on but not support webworker / wasm? #9

Open
ForestJohnson opened this issue Dec 10, 2024 · 0 comments
Open

What if the users browser has JS turned on but not support webworker / wasm? #9

ForestJohnson opened this issue Dec 10, 2024 · 0 comments

Comments

@ForestJohnson
Copy link
Member

ForestJohnson commented Dec 10, 2024
edited
Loading

in that case currently it looks broken. I fixed this for capsul by moving the part that draws the captcha into the progress update handler. that way it only draws if the webworker/wasm is functioning. Also, the readme and example should not disable the submit button in that case. Just handle submit without PoW in some other way on the server side.

See the capsul repo for an example of this:
https://git.cyberia.club/cyberia/capsul-flask/src/branch/main/capsulflask/auth.py#L105-L106

           if (not known_user) and (not valid_solution):
                return redirect(url_for("auth.email_request", untrusted_input_email=email))

https://git.cyberia.club/cyberia/capsul-flask/src/branch/main/capsulflask/auth.py#L173-L188

@bp.route("/email_request/<string:untrusted_input_email>", methods=("GET", ))
def email_request(untrusted_input_email: str):
    match_special_characters = re.compile(r"[^a-zA-Z0-9@+._-]+")
    sanitized_email = match_special_characters.sub("", untrusted_input_email)
    return render_template("email_request.html", redirect_url=url_for("auth.i_will_await_your_correspondence", untrusted_input_email=sanitized_email))

@bp.route("/i_will_await_your_correspondence/<string:untrusted_input_email>", methods=("GET", ))
def i_will_await_your_correspondence(untrusted_input_email: str):
    match_special_characters = re.compile(r"[^a-zA-Z0-9@+._-]+")
    sanitized_email = match_special_characters.sub("", untrusted_input_email)
    if wait_for_delivery_manager_to_recieve_email_from_user(sanitized_email):
        get_model().record_known_user(sanitized_email)
        return handle_login_post(sanitized_email, "", "")
    else:
        return redirect(url_for("landing.support"))

https://git.cyberia.club/cyberia/capsul-flask/src/branch/main/capsulflask/templates/email_request.html#L10-L20

  <div class="row half-margin">
    <h1>ONE MORE THING</h1>
  </div>
  <div class="row half-margin">
    <div>
      <p>Spam bots have been hammering our login page and hurting our email server's reputation.</p>
      <p>Please send us an email ( <a href="mailto:logins@capsul.org?subject=let%20me%20in">logins@capsul.org</a> ) to let us know you are a real person.</p>
      <p>Once we recieve the email, this page should finish loading.</p>
      <p>logins@capsul.org</p>
    </div>
  </div>
@ForestJohnson ForestJohnson changed the title What if the users browser does not support webworker / wasm? What if the users browser has JS turned on but not support webworker / wasm? Dec 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ForestJohnson