.NET的Recaptcha HTTPS [英] .NET Recaptcha https

问题描述

我们已经使用ASP.NET验证码控制启动，并工作正常。但我们有一个要求是，所有出站流量都通过HTTPS。

我知道的reCAPTCHA支持HTTPS，但目前还不清楚如何配置（或者即使它是可配置）使用ASP.NET插件选项时。

有没有人有这样的经验吗？

我会扩大我到目前为止找到了一点......

的ReCaptcha包中包含3公开课

RecaptchaControl，
RecaptchaValidator
和
RecaptchaResponse

RecaptchaControl 是一个Asp.NET控制的ReCaptcha上有具体的方法似乎是关于主题/外观和感觉。

该校验器的实例有一个REMOTEIP场（我presume将重新present验证服务器），但我无法在绑定方式来控制。

RecaptchaResponse 似乎或多或少重新present与可能的反应枚举（有效/无效/无法连接）。

看起来像的ReCaptcha控制智能选择 HTTPS 如果请求是HTTPS。
我presuming它为验证相同，但它不是从源头code清晰
的http://$c$c.google.com/p/recaptcha/source/browse/trunk/recaptcha-plugins/dotnet/library/

 私人常量字符串VerifyUrl =htt​​p://www.google.com/recaptcha/api/verify;
私人常量字符串RECAPTCHA_SECURE_HOST =htt​​ps://api-secure.recaptcha.net;
私人常量字符串RECAPTCHA_HOST =htt​​p://api.recaptcha.net;
-------------------------------- SNIP ----------------- -------------------
///＆LT;总结＆gt;
        ///这个函数生成的挑战URL。
        ///＆LT; /总结＆gt;
        私人字符串GenerateChallengeUrl（布尔的NoScript）
        {
            StringBuilder的urlBuilder =新的StringBuilder（）;
            urlBuilder.Append（？Context.Request.IsSecureConnection || this.overrideSecureMode RECAPTCHA_SECURE_HOST：RECAPTCHA_HOST）;
            urlBuilder.Append（？NoScript的/无脚本？：/挑战是什么？）;
            urlBuilder.AppendFormat（K = {0}，this.PublicKey）;
            如果（this.recaptchaResponse = NULL＆放大器;！＆安培;！this.recaptchaResponse.Error code =的String.Empty）
            {
                urlBuilder.AppendFormat（与＆amp;误差= {0}，this.recaptchaResponse.Error code）;
            }            返回urlBuilder.ToString（）;
        }
 

解决方案

如果您检查<一href=\"http://recaptcha.net/apidocs/captcha/client.html\">http://recaptcha.net/apidocs/captcha/client.html它说：

  

为了避免让浏览器
  警告，如果您使用的reCAPTCHA上
  SSL的网站，应更换
   http://api.recaptcha.net与
   https://api-secure.recaptcha.net 。

所以很明显的reCAPTCHA支持HTTPS意见书。请问ASP.NET控件有什么属性，你可以配置出站网址是什么？在最坏的情况，你可能需要使用反射检查code和看看它是如何构建的。

We've started using the ASP.NET recaptcha control and it works fine. but one of the requirements we have is that all outbound traffic goes over Https.

I know that recaptcha supports https, but It's not clear how to configure (or even if it is configurable) when using the ASP.NET plugin option.

has anyone got any experience of this?

I'll expand a little on what I've found so far....

The Recaptcha package contains 3 public classes

RecaptchaControl, RecaptchaValidator and RecaptchaResponse

RecaptchaControl is an Asp.NET control, the recaptcha specific methods on there seem to be concerning themes/look and feel.

An instance of the Validator has a RemoteIP field (which I presume would represent the verification server), but I can't a way of binding that to the control.

RecaptchaResponse seems to more or less represent an enum with possible responses (valid/invalid/failed to connect).

looks like the Recaptcha control intelligently selects https if the request was https. I'm presuming it does the same for the validation, but its not clear from source code http://code.google.com/p/recaptcha/source/browse/trunk/recaptcha-plugins/dotnet/library/

private const string VerifyUrl = "http://www.google.com/recaptcha/api/verify";
private const string RECAPTCHA_SECURE_HOST = "https://api-secure.recaptcha.net";        
private const string RECAPTCHA_HOST = "http://api.recaptcha.net";
--------------------------------SNIP------------------------------------
/// <summary>
        /// This function generates challenge URL.
        /// </summary>
        private string GenerateChallengeUrl(bool noScript)
        {
            StringBuilder urlBuilder = new StringBuilder();
            urlBuilder.Append(Context.Request.IsSecureConnection || this.overrideSecureMode ? RECAPTCHA_SECURE_HOST : RECAPTCHA_HOST);
            urlBuilder.Append(noScript ? "/noscript?" : "/challenge?");
            urlBuilder.AppendFormat("k={0}", this.PublicKey);
            if (this.recaptchaResponse != null && this.recaptchaResponse.ErrorCode != string.Empty)
            {
                urlBuilder.AppendFormat("&error={0}", this.recaptchaResponse.ErrorCode);
            }

            return urlBuilder.ToString();
        }

解决方案

If you check out http://recaptcha.net/apidocs/captcha/client.html it says:

"In order to avoid getting browser warnings, if you use reCAPTCHA on an SSL site, you should replace http://api.recaptcha.net with https://api-secure.recaptcha.net."

So clearly recaptcha supports HTTPS submissions. Does the ASP.NET control have any properties you can configure the outbound URL? At worst you might need to use Reflector to examine the code and see how it's built.

这篇关于.NET的Recaptcha HTTPS的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！