Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added support for hCaptcha and Friendly Captcha #2387

Merged
merged 17 commits into from
Jul 14, 2023
Merged

Added support for hCaptcha and Friendly Captcha #2387

merged 17 commits into from
Jul 14, 2023

Conversation

DominickBattistini
Copy link
Contributor

Changes

Added support for hCaptcha and Friendly Captcha as Captcha Providers in our Bot Detection Feature.

@DominickBattistini DominickBattistini marked this pull request as ready for review July 6, 2023 21:04
@DominickBattistini DominickBattistini requested a review from a team as a code owner July 6, 2023 21:04
frederikprijck
frederikprijck requested changes Jul 7, 2023
View reviewed changes
src/connection/database/login_pane.jsx Outdated Show resolved Hide resolved
src/field/captcha/extended_captcha.jsx Outdated Show resolved Hide resolved
src/field/captcha/extended_captcha.jsx Outdated Show resolved Hide resolved
src/field/captcha/extended_captcha.jsx Outdated Show resolved Hide resolved
frederikprijck
frederikprijck requested changes Jul 13, 2023
View reviewed changes
src/connection/captcha.js Show resolved Hide resolved
src/connection/passwordless/actions.js Show resolved Hide resolved
src/core/index.js Show resolved Hide resolved
src/field/captcha/third_party_captcha.jsx
@@ -70,6 +94,11 @@ export class ReCAPTCHA extends React.Component {

script.src = scriptUrl;
script.async = true;
script.defer = true;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same as with auth0.js, is setting defer to true critical to get the functionality work ?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same thing, this just supports legacy browsers that would instead load synchronously which is the true risk here. any browser that supports async would use async. Recaptcha, hCaptcha, and Friendly Captcha all specify the use of both to support legacy browsers. But again, happy to conditionally add to hCaptcha and Friendly Captcha if desired.

frederikprijck
frederikprijck previously approved these changes Jul 13, 2023
View reviewed changes
github-advanced-security[bot]
github-advanced-security bot found potential problems Jul 14, 2023
View reviewed changes
src/field/captcha/third_party_captcha.jsx
case FRIENDLY_CAPTCHA_PROVIDER:
return 'friendly-captcha'
}
}

Check notice

Code scanning / CodeQL

Semicolon insertion Note

Avoid automated semicolon insertion (91% of all statements in
the enclosing script
Loading
have an explicit semicolon).
@frederikprijck frederikprijck enabled auto-merge (squash) July 14, 2023 20:25
@frederikprijck frederikprijck merged commit 16f0d87 into auth0:master Jul 14, 2023
3 checks passed
@frederikprijck frederikprijck mentioned this pull request Jul 17, 2023
Merged
@frederikprijck frederikprijck mentioned this pull request Oct 2, 2023
Merged
7 tasks
@snyk-io snyk-io bot mentioned this pull request Aug 12, 2024
Open
@snyk-io snyk-io bot mentioned this pull request Aug 13, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@frederikprijck frederikprijck frederikprijck approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@DominickBattistini @frederikprijck