django-recaptcha3 icon indicating copy to clipboard operation
django-recaptcha3 copied to clipboard

Published 20 hours ago verified publisher icon kbytesys

Allow option to raise SuspiciousOperation or PermissionDenied on low score

Open bretlowery opened this issue 5 years ago • 2 comments

IMHO I don't think telling a bad actor their reCAPTCHA score is a security best practice, as happens now in fields.py. A configurable option to optionally throw SuspiciousOperation and/or PermissionDenied instead, with a customizable message, would be preferable in a lot of use cases, and definitely not inform the bad actor of their score, unless say DEBUG = True.

bretlowery avatar Mar 28 '19 19:03 bretlowery

If I get a sec I'll submit a PR for this. I gotta do it in my use case anyway.

bretlowery avatar Mar 28 '19 19:03 bretlowery

Yes I agree. If you would like to submit a PR about this topic I will be very happy.

kbytesys avatar Apr 05 '19 14:04 kbytesys