beenull/mCaptcha
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
mCaptcha/db
History
realaravinth 7d0e4c6be4
fix: prevent sitekey abuse with account secret authentication for access token validation 
SUMMARY
    At present, sitekey can be abused by installing it on a third-party
    site as verifying the access token returned from CAPTCHA validation
    doesn't require any authentication.

    This fix uses account secret authentication to verify access tokens

credits: by @gusted
2022-07-22 19:44:35 +05:30
..
db-core fix: prevent sitekey abuse with account secret authentication for access token validation 2022-07-22 19:44:35 +05:30
db-migrations feat: implement postgres migrations 2022-05-11 13:33:29 +05:30
db-sqlx-postgres fix: prevent sitekey abuse with account secret authentication for access token validation 2022-07-22 19:44:35 +05:30