From e4a6abe15e3236f99f8b5ee2866f6db212c71367 Mon Sep 17 00:00:00 2001 From: nexy7574 Date: Tue, 8 Jul 2025 19:07:27 +0100 Subject: [PATCH] feat(recaptcha): Disable treating captcha-enabled servers as abuse-prone --- src/core/config/check.rs | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/src/core/config/check.rs b/src/core/config/check.rs index 3dc45e2f..8a3d1f77 100644 --- a/src/core/config/check.rs +++ b/src/core/config/check.rs @@ -184,15 +184,17 @@ pub fn check(config: &Config) -> Result { && !config.yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse && config.registration_token.is_none() && config.registration_token_file.is_none() + && !(config.recaptcha_site_key.is_some() && config.recaptcha_private_site_key.is_some()) { return Err!(Config( "registration_token", - "!! You have `allow_registration` enabled without a token configured in your config \ - which means you are allowing ANYONE to register on your conduwuit instance without \ - any 2nd-step (e.g. registration token). If this is not the intended behaviour, \ - please set a registration token. For security and safety reasons, conduwuit will \ - shut down. If you are extra sure this is the desired behaviour you want, please \ - set the following config option to true: + "!! You have `allow_registration` enabled without a token or captcha configured \ + which means you are allowing ANYONE to register on your continuwuity instance \ + without any 2nd-step (e.g. registration token, captcha), which is FREQUENTLY \ + abused by malicious actors. If this is not the intended behaviour, please set a \ + registration token. For security and safety reasons, continuwuity will shut down. \ + If you are extra sure this is the desired behaviour you want, please set the \ + following config option to true: `yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse`" )); }