Skip to content

Commit

Permalink
Use 403 status when verify_captcha fails. (#4852)
Browse files Browse the repository at this point in the history
Also, add a test.
  • Loading branch information
dkinzer authored Jan 10, 2025
1 parent f182502 commit dc2b6d5
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 1 deletion.
2 changes: 1 addition & 1 deletion app/controllers/concerns/server_errors.rb
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ module ServerErrors
end

rescue_from Recaptcha::VerifyError do |exception|
render "errors/internal_server_error", status: :bad_gateway
render "errors/internal_server_error", status: 403
end

rescue_from Alma::RequestOptions::ResponseError do |exception|
Expand Down
9 changes: 9 additions & 0 deletions spec/controllers/primo_central_controller_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,15 @@
expect(flash[:error]).to eq("Your search has timed out. You may have exceeded the maximum number of pages allowed for Article search results in Library Search.")
end
end
end

describe "recaptcha" do
context "with recaptche enabled" do
it "should not allow article searches" do
stub_const("ENV", ENV.to_h.merge("RECAPTCHA_SITE_KEY" => "foo"))
allow(controller).to receive(:verify_recaptcha).and_return(false)
expect { get :index, params: { q: "foo " } }.to raise_error(Recaptcha::VerifyError)
end
end
end
end

0 comments on commit dc2b6d5

Please sign in to comment.