From ce86ed6e5d0dadec775657f93f832341e5094deb Mon Sep 17 00:00:00 2001 From: regalijan Date: Thu, 19 Oct 2023 16:50:15 -0400 Subject: [PATCH] Read turnstile token directly from input element --- app/routes/report.tsx | 38 ++++++++++++++++++++------------------ 1 file changed, 20 insertions(+), 18 deletions(-) diff --git a/app/routes/report.tsx b/app/routes/report.tsx index 828bbd4..a803a15 100644 --- a/app/routes/report.tsx +++ b/app/routes/report.tsx @@ -42,7 +42,6 @@ export default function () { const [supportsRequestStreams, setSupportsRequestStreams] = useState(false); const toast = useToast(); const [uploading, setUploading] = useState(false); - const [turnstileToken, setTurnstileToken] = useState(""); const fileTypes: { [k: string]: string } = { gif: "image/gif", heic: "image/heic", @@ -81,16 +80,12 @@ export default function () { }).headers.has("Content-Type"); return duplexAccessed && !hasContentType; - })() + })(), ); }, []); const { logged_in, site_key } = useLoaderData(); - function setToken(token: string) { - setTurnstileToken(token); - } - async function submit() { const usernames = ( document.getElementById("usernames") as HTMLInputElement @@ -124,13 +119,23 @@ export default function () { title: "Too Many Usernames", }); - if (!logged_in && !turnstileToken) - return toast({ - description: "Please complete the captcha and try again", - isClosable: true, - status: "error", - title: "Captcha not completed", - }); + let turnstileToken = ""; + + if (!logged_in) { + const tokenElem = document + .getElementsByName("cf-turnstile-response") + .item(0) as HTMLInputElement; + + if (!tokenElem.value) + return toast({ + description: "Please complete the captcha and try again", + isClosable: true, + status: "error", + title: "Captcha not completed", + }); + + turnstileToken = tokenElem.value; + } const description = ( document.getElementById("description") as HTMLTextAreaElement @@ -144,6 +149,7 @@ export default function () { const submitReq = await fetch("/api/reports/submit", { body: JSON.stringify({ + bypass: false, description: description || undefined, files: filelist, turnstileResponse: logged_in ? undefined : turnstileToken, @@ -300,11 +306,7 @@ export default function () {