Fix vulnerable.

2022-10-25 11:48:15 +08:00 · 2022-10-25 11:48:15 +08:00 · 79dbca5d86
parent 76646d0b43
commit 79dbca5d86
1 changed files with 3 additions and 1 deletions
--- a/app/controllers/ru_captcha/captcha_controller.rb
+++ b/app/controllers/ru_captcha/captcha_controller.rb
@ -7,9 +7,11 @@ module RuCaptcha
      if params[:format] == "wav" and RuCaptcha.espeak?
        data = generate_speech_rucaptcha
        opts = { disposition: 'inline', type: 'audio/wav' }
-      else
+      elsif params[:format].blank? || params[:format] == "gif"
        data = generate_rucaptcha
        opts = { disposition: 'inline', type: 'image/gif' }
      else
        render :body => nil, :status => 404 and return
      end
      send_data data, opts
    end