Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
1. Ignore the CAPTCHA and submit.
2. Go back, enter "undefined" in the CAPTCHA field and submit again.
3. Profit
Comment | File | Size | Author |
---|---|---|---|
#1 | 995260-undefined-hack-01.patch | 1.6 KB | soxofaan |
Comments
Comment #1
soxofaan CreditAttribution: soxofaan commentedGood catch! How did you find this?
attached patch should fix it
Comment #2
soxofaan CreditAttribution: soxofaan commentedchanging version to trigger test bot (hopefully)
Comment #3
soxofaan CreditAttribution: soxofaan commentedstatus too
Comment #4
miopa CreditAttribution: miopa commentedI was wondering how many of the failed attempts were likely caused by human error as opposed to blocked spammers, and I noticed this in the dblog
The patch is fixing the bug, but now I get in the dblog
I think it would be better to have explanation that session reuse was detected in the log entry.
Comment #5
soxofaan CreditAttribution: soxofaan commentedHi miopa,
I think it's best to commit the patch from #1 already.
You have a point about having more information about session reuse attacks in the log, but I think this fits nicely in this feature request of you: #998326: Separate log of wrong and empty responses
Comment #6
soxofaan CreditAttribution: soxofaan commentedcommitted (D6): http://drupal.org/cvs?commit=466592
to be ported to D7 version
Comment #7
soxofaan CreditAttribution: soxofaan commentedported and committed to D7:
http://drupal.org/cvs?commit=470928