From 79dbca5d8691e6bf8ee00ef92d340f562caa8074 Mon Sep 17 00:00:00 2001
From: bohung <bohung@rulingcom.com>
Date: Tue, 25 Oct 2022 11:48:15 +0800
Subject: [PATCH] Fix vulnerable.

---
 app/controllers/ru_captcha/captcha_controller.rb | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/app/controllers/ru_captcha/captcha_controller.rb b/app/controllers/ru_captcha/captcha_controller.rb
index bb020ac..532d784 100644
--- a/app/controllers/ru_captcha/captcha_controller.rb
+++ b/app/controllers/ru_captcha/captcha_controller.rb
@@ -7,9 +7,11 @@ module RuCaptcha
       if params[:format] == "wav" and RuCaptcha.espeak?
         data = generate_speech_rucaptcha
         opts = { disposition: 'inline', type: 'audio/wav' }
-      else
+      elsif params[:format].blank? || params[:format] == "gif"
         data = generate_rucaptcha
         opts = { disposition: 'inline', type: 'image/gif' }
+      else
+        render :body => nil, :status => 404 and return
       end
       send_data data, opts
     end