rauchg / slackin

Public Slack organizations made easy
http://rauchg.com/slackin/
MIT License
6.51k stars 1.34k forks source link

Add reCAPTCHA support to the badge/iframe version #332

Closed toolmantim closed 6 years ago

toolmantim commented 7 years ago

It appears that the reCAPTCHA support added in #311 ignored the badge/iframe version of slackin, and as it stands at the moment the badge version is unusable (see https://github.com/rauchg/slackin/pull/311#issuecomment-320101621). This is a problem for people wanting to update their Heroku apps because of the Node vulnerability.

This is a start at fixing it, but I'm not exactly sure how we can even support it in an iframe popup? For example:

hrmm
toolmantim commented 7 years ago

@whit537 for now I've had to switch to a fork/branch that reverts #311: https://github.com/toolmantim/slackin/commits/revert-recaptcha

chadwhitacre commented 7 years ago

@toolmantim FYI I'm not a maintainer on this project and I don't plan to help with adding reCAPTCHA support to the badge version. See SlackOut for an explanation of the security risk you're taking by reverting #311 (we're not actually using SlackIn anymore because our Slack hasn't recovered from SlackOut yet). Good luck! :-)

toolmantim commented 7 years ago

@whit537 yep, understood. I just thought you might have some ideas/thoughts on how to unbreak things, seeing as you did the implementation?

My only suggestion is to remove the popup that opens when you click the badge, and instead link to the URL in a new tab/window.

chadwhitacre commented 7 years ago

seeing as you did the implementation?

I actually just cleaned up someone else's implementation. 😞

toolmantim commented 6 years ago

Having switched to slackin-extended, I'm closing this for now.