fix: Improve handling for solutions to ALTCHA challenges (!173) · Merge requests · The Tor Project / Web / donate-neo

stephen requested to merge better-challenge-solution-handling into main Dec 02, 2024

The ALTCHA proof-of-work mechanism employed on the Stripe side of the donation form requires two open URL endpoints; one for the user to ping and receive the challenge, and the other for the user to submit a solution to that challenge.

Regardless of how the rest of this mechanism operates, the endpoint which receives the challenge appears to be a little naive in its expectations; as #148 (closed) notes, it is receiving traffic which donate-neo is having trouble handling. Indeed, simply hitting /verifychallenge/ with a GET request in a browser causes the application to throw an exception. This MR intends to resolve this issue by giving that endpoint some healthy skepticism in what it's expecting.

tordonate.views.verify_challenge() has been extended with two new early exits, which both return HTTP 500. The first checks to see if the request contains a body at all, exiting early if not. The second takes the line which formerly assumed a JSON-formatted payload, and wraps it in a try/except block that handles JSONDecodeErrors gracefully. (And, again, we exit early if the payload isn't legible JSON.)

Code comments within this method have been expanded and tidied up commensurate with these changes.

Fixes #148 (closed).

Edited Dec 02, 2024 by stephen

fix: Improve handling for solutions to ALTCHA challenges

Merge request reports