希望增加验证码验证错误时的处理
Hoshino-Yumetsuki opened this issue · 0 comments
Hoshino-Yumetsuki commented
最近针对twikoo的恶意刷评论攻击比较火爆,由于攻击者直接请求twikoo的api,而不经过前端,所以cloudflare不会显示Turnstile质询,也不会有记录,会出现例如
8/12/2024, 9:46:39 PM Twikoo: Twikoo 遇到错误,请参考以下错误信息。如有疑问,请反馈至 https://github.com/twikoojs/twikoo/issues
8/12/2024, 9:46:39 PM Twikoo: 请求参数: {
event: 'COMMENT_SUBMIT',
accessToken: '123456771a154efd84d12aaf78504001',
comment: '謔',
nick: 'Irving13',
mail: 'Gracie_Shanahan@hotmail.com',
link: 'https://masculine-cappelletti.info',
href: 'https://anjiurine.top/posts/228c2ef8/',
url: '/posts/228c2ef8/',
ua: 'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_9_3 rv:2.0; KG) AppleWebKit/536.0.2 (KHTML, like Gecko) Version/4.0.3 Safari/536.0.2'
}
8/12/2024, 9:46:39 PM Twikoo: 错误信息: Error: 验证码检测失败: Cannot read properties of undefined (reading 'name')
at checkTurnstileCaptcha (/app/node_modules/twikoo-func/utils/index.js:285:13)
at checkCaptcha (/app/node_modules/tkserver/mongo.js:702:11)
at commentSubmit (/app/node_modules/tkserver/mongo.js:592:9)
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
at async module.exports (/app/node_modules/tkserver/mongo.js:107:15)
at async Server.<anonymous> (/app/node_modules/tkserver/server.js:31:10)
这样的情况,控制台被错误日志覆盖,希望能增加相关处理,如改善错误日志刷屏或使Turnstile能够记录到日志