views.captcha_image and captcha_audio
Closed this issue · 2 comments
GoogleCodeExporter commented
Is it OK that it generates image every time client requests the view? And
the data are served to client via django. So, would it be better to:
1. add FileFields (for image and audio)
2. rewrite views so they would generate data first time only (generate +
save it to FileFields) and return a RedirectResponse
3. so files could be served as a static data (via nginx, lighty or something)
4. ???
5. PROFIT!!! (better performance, stability and such)
If you like the idea, I'll write a patch.
Original issue reported on code.google.com by ww.lss...@gmail.com
on 23 Sep 2009 at 4:42
GoogleCodeExporter commented
Sorry, I don't like the idea of storing captchas, because 1) it opens the
possibility of repetition attacks and 2) we
have to care about disk space, write permissions, conflicting filenames, ....
Original comment by mbonetti
on 8 Dec 2009 at 2:14
- Changed state: WontFix
GoogleCodeExporter commented
1) I wrote a patch that don't affect the way the application generates captcha
and
hashcode. So, if I understand you right, the possibility of repetition attacks
is
just the same as in original version. I just want to avoid the issue when the
SAME
image has to be generated twice (or more).
2) Static files are to be stored in django static directory, so write
permissions,
conflicting filenames and such are handled by django. As for disk space, the
files
are stored temporary and are deleted when CaptchaStore is deleted (django
handles
this).
I've attached a patch here, so you could see how it's done. The patch is not
well
tested though.
Original comment by ww.lss...@gmail.com
on 14 Dec 2009 at 6:32
Attachments: