[Catalyst] Automated testing of Captcha?
Matt S Trout
dbix-class at trout.me.uk
Mon Jan 28 16:35:23 GMT 2008
On Sat, Jan 26, 2008 at 02:07:04PM +0100, Sébastien Wagener wrote:
> On Fri, 2008-01-25 at 06:53 +0000, Matt S Trout wrote:
> > If you're outside, then either forcing the captcha to a particular string or
> > disabling it entirely are probably your only options - but that wasn't the
> > case here if you read carefully :)
> >
>
> For me, it was important to test whether the same captcha could be used
> twice, as I forgot to clear the captcha for the session after using it
Use flash?
> (as far as I remember, Catalyst::Plugin::Captcha does not enforce you to
> do so, neither does it encourage you to do so in the example)
> You cannot automatically test for this exploit with a static string for
> the captcha.
True. Maybe a testing plugin that stuffs the Captcha string into a header
in that case.
> As I am running all my test cases over fastcgi (for various reasons), I
> have a test action which returns the captcha of the current session.
> This action is of course only defined if some environment variable is
> set.
I tend to drop controllers into t/lib for that and use lib it from the
test.
Of course that doesn't work for remote testing, although PERL5LIB is still
an env var you could set :)
--
Matt S Trout Need help with your Catalyst or DBIx::Class project?
Technical Director http://www.shadowcat.co.uk/catalyst/
Shadowcat Systems Ltd. Want a managed development or deployment platform?
http://chainsawblues.vox.com/ http://www.shadowcat.co.uk/servers/
More information about the Catalyst
mailing list