|
After adding the following security header, the Captcha image does not show in IE11. Chrome, Edge and FireFox browsers are ok. This is possibly MIME related.
Any suggestions on how to fix?
<httpProtocol>
<customHeaders>
<!-- SECURITY HEADERS -->
<add name="X-Content-Type-Options" value="nosniff" />
</customHeaders>
</httpProtocol>
|
|
|
|
|
Is there something special that needs to get this to work under IIS7? It worked perfectly when I tested this under debug mode on VS2008, but now I've compiled the project and moved it to my testing webserver (Windows 2008R2 / IIS7), and the captcha image isn't being generated.
|
|
|
|
|
I think is a great job, Te simple Works fine but when I insert in my Project an error appears:
"Could not load file or assembly 'WebControlCaptcha' or one of its dependencies. The system can not find the file specified"
60: <httphandlers>
61: <add verb="GET" path="CaptchaImage.aspx" type="ControlCaptcha.CaptchaImageHandler, ControlCaptcha">
62:
|
|
|
|
|
|
All ready then, getting the captcha control (CC1) functioning as it should was one thing but then how does one "use it".
After some time I realized the following:
CC1 in the DLL communicates with the Validation control (V1).
At CC1 code entry, V1 checks the entry validity. V1 sets CC1.UserValidated = true if the CC1 code is correct.
A submit button simply has to check CC1.UserValidated.
The next issue was IIS7 integrated mode and HttpHandler requests.
I was required to enter this line in Web.config as shown below:
<validation validateIntegratedModeConfiguration="false" />
<configuration>
<system.webServer>
<handlers>
<add name="Captcha" path="CaptchaImage.aspx" verb="GET" type="WebControlCaptcha.CaptchaImageHandler, WebControlCaptcha" resourceType="Unspecified"/>
</handlers>
<validation validateIntegratedModeConfiguration="false" />
</system.webServer>
<system.web>
<compilation debug="true" strict="false" explicit="true" targetFramework="4.0"/>
<httpHandlers>
<add verb="GET" path="CaptchaImage.aspx"
type="WebControlCaptcha.CaptchaImageHandler, WebControlCaptcha" />
</httpHandlers>
</system.web>
</configuration>
This enabled captch image generation on both my local developement server and the remote IIS 7 server at discountasp.net (DASP.net). It appears that I have an issue with integrated mode on IIS 7 on DASP.net. Haven't sorted that out yet.
Thanks to CodeProject and Wumpus1 for providing a Captcha solution for .Net.
|
|
|
|
|
|
|
Thanks a lot for sharing such a solution. 
|
|
|
|
|
Your solution helped me in implementing a captcha for a webpart in SharePoint.
Great work!
Amit
|
|
|
|
|
If you're using IIS7, you probably will have problem on your website where the image is not showing up.
add code below to your webconfig:
<handlers>
<add name="WebControlCaptcha.CaptchaImageHandler" verb="GET" path="CaptchaImage.aspx" type="WebControlCaptcha.CaptchaImageHandler, WebControlCaptcha" resourceType="Unspecified" />
</handlers>
|
|
|
|
|
it didn't work and it's not explained well for c#. he should have explained one of them in well. in C# or in VB.
|
|
|
|
|
if you see everything is ok in local but you have problem in your website just replace "MSCaptcha.CaptchaImageHandler" with "MSCaptcha.captchaImageHandler" means just type captchaImageHandler with lower "c"
|
|
|
|
|
if you see everything is ok in local but you have problem in your website just replace "MSCaptcha.CaptchaImageHandler" with "MSCaptcha.captchaImageHandler" means just type captchaImageHandler with lower "c" 
|
|
|
|
|
Relying on a guid passed via a querystring opens this approach up to injection.
An attacker could decode one guid, then keep passing the same guid in a querystring.
You should either
- keep the guid (or captcha text) on the server, or
- only allow a guid to be used once
|
|
|
|
|
First of all, good work on the control.
I think it's appropriate to note that there isn't always a direct correlation between human readability and computer readability. I've seen many CAPTCHA systems that are very difficult for humans to read but are really easy for computers. The most notable mistake in this area is random colors and many small dots or lines (they need to be the same thickness as the letters or they'll be removed by a bot in one fast command leaving only easily segmentable letters).
To be honest, this CAPTCHA can be broken with fairly high accuracy using only 10 lines of my CBL scripting language (http://code.google.com/p/captcha-breaking-library/[^]). This system could be greatly strengthened just by moving the letters closer together, morphing/rotating the characters more, and possibly making the random lines the same thickness as the average letter.
// Print my signature
Console.WriteLine(Convert.ToBase64String(Enumerable.Range(0, 18).Where(x => x % 2 == 0).Select(x => Convert.ToByte(new List<color>() { Color.FromArgb(73, 202, 45), Color.FromArgb(180, 41, 90), Color.FromArgb(202, 218, 39) }.Select(c => Regex.Replace(ColorTranslator.ToHtml(c), @"\#", "")).Aggregate((c, n) => c + n).Substring(x, 2), 16)).ToArray()));
|
|
|
|
|
How do I add this control to Web Developer so that I can drag and drop it onto a web page?
I'm just starting to use this program and don't have any web development experience.
|
|
|
|
|
Hello,
This is very useful control for protecting online forms from bot scripts. Thanks a lot for your asp.net captcha control
|
|
|
|
|
I tried to place the Captcha Control on a page in my site. Everything seemed to work perfectly right from the start except that the image didn't show. I double checked everything and it all looked fine, debug didn't even give any useful info about the problem. After a lot of frustration, I discovered it was the deny rule that was preventing it. Add this code to your Web.Config to solve that:
<location path="CaptchaImage.aspx">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
|
|
|
|
|
Excellent solution. Just needed tweaking for IIS 7 and to make XHTML compliant.
|
|
|
|
|
Hi,
Everything works fine until i put something like <<s< into="" that="" text="" box.="" if="" you="" do="" that,="" application="" crashes="" with="" following="" lines="" being="" highlighted:
<pre="" lang="vb">''' <summary>
''' Retrieve the user's CAPTCHA input from the posted data
''' </summary>
Public Function LoadPostData(ByVal PostDataKey As String, ByVal Values As NameValueCollection) As Boolean Implements IPostBackDataHandler.LoadPostData
ValidateCaptcha(Convert.ToString(Values(Me.UniqueID)))
Return False
End Function
Since the exceptions thrown inside the function isn't being handled, an exception is thrown and execution gets stopped.
Replacing this with following seems to have solved this for a while:
Public Function LoadPostData(ByVal PostDataKey As String, ByVal Values As NameValueCollection) As Boolean Implements IPostBackDataHandler.LoadPostData
Try
ValidateCaptcha(Convert.ToString(Values(Me.UniqueID)))
Catch Exc As Exception
End Try
Return False
End Function
Thanks
|
|
|
|
|
On IIS7 .net 4 classic mode i get this error:
Handler "CaptchaImage" has a bad module "ManagedPipelineHandler" in its module list
|
|
|
|
|
|
It has been working, now it does not. Image no longer shown. No update done in the code. Not sure with hosting. Any same problem? How did you fix it?
|
|
|
|
|
I have page with CAPTCHA and couple checkboxes with AutoPostBack set to TRUE. Every time checkbox is checked, the CAPTCHA image changes. Is it possible not to generate a new captcha on every PostBack?
Thanks,
Dave
|
|
|
|
|
I have even tried configuring the handler section for IIS 7 with location and authorization tags but image is still not displaying. Please help!
|
|
|
|
General 
News 
Suggestion 
Question 
Bug 
Answer 
Joke 
Praise 
Rant 
Admin 
Submit an article or tip
