|
Andrzej Wójcik (Tigase) opened 9 months ago
|
||||||
|
|
Andrzej Wójcik (Tigase) changed state to 'In Progress' 9 months ago
|
||||||
|
Referenced from commit 9 months ago
|
|||||||
|
|
Andrzej Wójcik (Tigase) changed state to 'In QA' 9 months ago
|
||||||
|
|
I've implemented changes as discussed with @bmalkow. |
||||||
|
|
Andrzej Wójcik (Tigase) changed fields 9 months ago
|
||||||
|
wojciech.kapcia@tigase.net batch edited 3 months ago
|
||||||
|
|
wojciech.kapcia@tigase.net batch edited 3 months ago
|
||||||
|
|
Andrzej Wójcik (Tigase) changed state to 'Closed' 3 months ago
|
| Type |
Task
|
| Priority |
Normal
|
| Assignee | |
| Version |
tigase-server-8.4.0
|
| Server Version |
8.4.0
|
| Target Release |
1.1
|
| Sprints |
n/a
|
| Customer |
n/a
|
Iterations
-
tigase-server-8.4.0 Closed
Issue Votes (0)
Watchers (4)
Registration captcha makes registration difficult for users not used to filling forms and required data. With our default authentication timeout of 120s, it is difficult to understand the form and fill it if CAPTCHA is enabled, as after 120s CAPTCH is invalidated (it is kept in
XMPPResourceConnectioninstance that is destroyed after disconnection).Additionally, some often used clients (ie. Gajim, Kaidan) are fetching form and disconnecting from the server and sending form on a subsequent connection to the server making impossible for those clients to register to our service. After a short research it looks like it is a common practice.
Solution both issues is to store CAPTCHA data in HMAC signed hidden field in form allowing it to be used even on subsequent connection to the servers for about 5 minutes since retrieval of the form.