Opened 7 years ago

Closed 7 years ago

#11514 closed defect (fixed)

Captcha not working

Reported by: Dedalo Owned by: isis
Priority: Medium Milestone:
Component: Circumvention/BridgeDB Version:
Severity: Keywords: bridgedb-reportbug
Cc: isis Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

When a user wants to get IPV4 Bridge List is asked for writting captcha.

First Error:

Type the two words <-- There's only one word.

Second Error:

I've been trying to write the correct letters of the captcha but I can't, there's not a correct validation I've tried all letters in uppercase, all letters in lowercase, the ones in uppercase in upperscase, but no one works. This is happening in IPV6 - IPV4 and in OPTIONS.

Child Tickets

Attachments (2)

Selección_170.png (46.7 KB) - added by Dedalo 7 years ago.
patch (823 bytes) - added by cypherpunks 7 years ago.

Download all attachments as: .zip

Change History (8)

Changed 7 years ago by Dedalo

Attachment: Selección_170.png added

Changed 7 years ago by cypherpunks

Attachment: patch added

comment:1 Changed 7 years ago by cypherpunks

Status: newneeds_review

comment:2 Changed 7 years ago by isis

Wow, neato. First time someone has used the "Report Bug" link on https://bridges.torproject.org. :)

comment:3 in reply to:  1 Changed 7 years ago by isis

Replying to cypherpunks:

Thanks for the patch! A couple comments:

1) Unhandled Exceptions in the production server are piped to a file. Currently, that file is 25MB, and there are no Unhandled Exceptions in it. Plus, exceptions generated in the render_* methods of Twisted HTTP servers generally also send tracebacks to the client (although I've recently tried to prevent that from happening). I don't believe this is due to an Unhandled Exception.

2) Unless the decryption method produces an exception, it returns a string. str.lower() is a Python builtin, as well as str.__eq__(), and if either were raising exceptions, then Python developers all over the planet would probably be screaming at Guido. :)

3) The code you patched is the current develop branch. While that is generally exactly the correct thing to do when working on BridgeDB, the current deployed version is always the last tagged release. Those calls to lower() were introduced in dd9e75ba234d2d4aad90aedb0bf163d8bb13811b, and don't even exist yet in the version running on https://bridges.torproject.org.

Though I could be entirely wrong. If you can write me a unittest which is able to raise any Exception in the if solution.lower() == decrypted.lower(): line of GimpCaptcha, I will totally believe you that this line causes bugs.


Unrelated to code review, the first portion of this ticket is a duplicate of #11467.

comment:4 Changed 7 years ago by isis

Status: needs_reviewneeds_revision

comment:5 Changed 7 years ago by isis

How is this issue going?

comment:6 Changed 7 years ago by isis

Resolution: fixed
Status: needs_revisionclosed

The new CAPTCHA system was rolled out about two months ago, and I've not heard any complains since.

Closing as fixed.

Note: See TracTickets for help on using tickets.