Cavemanon/haproxy-protection
9
Fork 0
mirror of https://gitgud.io/fatchan/haproxy-protection.git synced 2025-05-09 02:05:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

change cookie to not expire instead of client-controlled expiry (duh)

Browse Source 
use bucket duration as part of secret generation
xxh32 -> xxh64
This commit is contained in:
Thomas Lynch
2021-11-24 01:09:11 +11:00
parent f7f6ecd276
commit 0c0fa22d6f
2 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/scripts/hcaptcha.lua
View File

@@ -78,7 +78,7 @@ function _M.view(applet)
local floating_hash = utils.generate_secret(applet, cookie_secret, true)
applet:add_header(
"set-cookie",
string.format("z_ddos_captcha=%s; Max-Age=14400; Path=/", floating_hash)
string.format("z_ddos_captcha=%s; expires=Thu, 31-Dec-37 23:55:55 GMT; Path=/", floating_hash)
)
-- else
-- core.Debug("HCAPTCHA FAILED: " .. json.encode(api_response))