radziel/spotlightcam
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(security): implement Cloudflare Turnstile CAPTCHA on contact form

Browse Source 
- Add Turnstile script to frontend/index.html
- Implement programmatic widget rendering in ContactPage
- Add backend verification via Cloudflare API
- Include client IP in verification request
- Update CSP headers to allow Cloudflare resources
- Add environment variable configuration for site and secret keys
- Pass VITE_TURNSTILE_SITE_KEY to frontend container
- Add validation and error handling for CAPTCHA tokens
This commit is contained in:
Radosław Gierwiało
2025-12-05 18:08:05 +01:00
parent 25042d0fec
commit f3b8156557
8 changed files with 122 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
frontend/index.html
View File

@@ -30,6 +30,9 @@
<link rel="apple-touch-startup-image" href="/splash/iphone-8.png"
media="(device-width: 375px) and (device-height: 667px) and (-webkit-device-pixel-ratio: 2)" />
<!-- Cloudflare Turnstile -->
<script src="https://challenges.cloudflare.com/turnstile/v0/api.js" async defer></script>
<title>spotlight.cam - Dance Event Video Exchange</title>
</head>
<body>