1b493c9fee
Fixes #1649 This requires setting `HCAPTCHA_SECRET_KEY` and `HCAPTCHA_SITE_KEY`, then enabling the admin setting at `/admin/settings/edit#form_admin_settings_captcha_enabled` Subsequently, a hCaptcha widget will be displayed on `/about` and `/auth/sign_up` unless: - the user is already signed-up already - the user has used an invite link - the user has already solved the captcha (and registration failed for another reason) The Content-Security-Policy headers are altered automatically to allow the third-party hCaptcha scripts on `/about` and `/auth/sign_up` following the same rules as above. |
||
---|---|---|
.. | ||
activitypub | ||
admin | ||
api | ||
auth | ||
concerns | ||
oauth | ||
settings | ||
well_known | ||
about_controller.rb | ||
account_follow_controller.rb | ||
account_unfollow_controller.rb | ||
accounts_controller.rb | ||
application_controller.rb | ||
authorize_interactions_controller.rb | ||
custom_css_controller.rb | ||
directories_controller.rb | ||
emojis_controller.rb | ||
filters_controller.rb | ||
follower_accounts_controller.rb | ||
following_accounts_controller.rb | ||
health_controller.rb | ||
home_controller.rb | ||
instance_actors_controller.rb | ||
intents_controller.rb | ||
invites_controller.rb | ||
manifests_controller.rb | ||
media_controller.rb | ||
media_proxy_controller.rb | ||
public_timelines_controller.rb | ||
relationships_controller.rb | ||
remote_follow_controller.rb | ||
remote_interaction_controller.rb | ||
shares_controller.rb | ||
statuses_cleanup_controller.rb | ||
statuses_controller.rb | ||
tags_controller.rb |