/* SPDX-License-Identifier: LicenseRef-GPL-3.0-or-later-WITH-js-exceptions * * Part of Hacktcha, a free/libre front-end for reCAPTCHA for use with Haketilo. * * Copyright (C) 2022 Wojtek Kosior * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * As additional permission under GNU GPL version 3 section 7, you * may distribute forms of that code without the copy of the GNU * GPL normally required by section 4, provided you include this * license notice and, in case of non-source distribution, a URL * through which recipients can access the Corresponding Source. * If you modify file(s) with this exception, you may extend this * exception to your version of the file(s), but you are not * obligated to do so. If you do not wish to do so, delete this * exception statement from your version. * * As a special exception to the GPL, any HTML file which merely * makes function calls to this code, and for that purpose * includes it by reference shall be deemed a separate work for * copyright law purposes. If you modify this code, you may extend * this exception to your version of the code, but you are not * obligated to do so. If you do not wish to do so, delete this * exception statement from your version. * * You should have received a copy of the GNU General Public License * along with this program. If not, see <https://www.gnu.org/licenses/>. * * * I, Wojtek Kosior, thereby promise not to sue for violation of this file's * license. Although I request that you do not make use of this code in a * proprietary program, I am not going to enforce this in court. */ /* Use with https://google.com/recaptcha/api2/anchor */ "use strict"; /* * reCAPTCHA uses a less common variant of base64 which we produce by slightly * modifying the output of JavaScript's native base64 encoding routine. */ function rc_base64_decode(data_b64) { data_b64 = data_b64 .replaceAll("-", "+") .replaceAll("_", "/") .replaceAll(".", "="); return atob(data_b64); } const rc_params = new URLSearchParams(window.location.search); const site_key = rc_params.get("k"); const rc_version = rc_params.get("v"); const lang = rc_params.get("hl") || "en"; const origin_b64 = rc_params.get("co"); const origin = rc_base64_decode(origin_b64); const initial_token = document.getElementById("recaptcha-token").value; const smuggled_data = {origin, initial_token}; const bframe_url = new URL("https://google.com/recaptcha/api2/bframe"); bframe_url.search = new URLSearchParams([ ["hl", lang], ["v", rc_version], ["k", site_key] ]); bframe_url.hash = encodeURIComponent(JSON.stringify(smuggled_data)); window.location.href = bframe_url;