5c88cb1a67
Fixes #1649 This requires setting `HCAPTCHA_SECRET_KEY` and `HCAPTCHA_SITE_KEY`, then enabling the admin setting at `/admin/settings/edit#form_admin_settings_captcha_enabled` Subsequently, a hCaptcha widget will be displayed on `/about` and `/auth/sign_up` unless: - the user is already signed-up already - the user has used an invite link - the user has already solved the captcha (and registration failed for another reason) The Content-Security-Policy headers are altered automatically to allow the third-party hCaptcha scripts on `/about` and `/auth/sign_up` following the same rules as above. |
||
---|---|---|
.. | ||
challenges_controller.rb | ||
confirmations_controller.rb | ||
omniauth_callbacks_controller.rb | ||
passwords_controller.rb | ||
registrations_controller.rb | ||
sessions_controller.rb | ||
setup_controller.rb |