declare local var.isHighRisk BOOL;

# In the case of a failed challenge, serve the CAPTCHA screen again
if (req.restarts > 0 && req.http.captchaFail) {
  log "Failed CAPTCHA check. Redisplay form";
  error 601;
}

# If the user is submitting a solution to a CAPTCHA challenge,
# send it to the validation service to verify it
if (req.method == "POST" && subfield(req.url.qs, "captcha", "&") == "1") {
  log "Sending to CAPTCHA service to verify";
  set req.backend = F_origin_1;
  set req.http.host = "captcha-check.glitch.me";
  set req.http.origURL = querystring.filter(req.url, "captcha");
  set req.url = "/validate/6LdurkYUAAAAADDdbQveEGdjTy6kIKXulAv8N7a8";
  return(pass);
}

# TODO: Validate cookie signature
if (!req.http.Cookie:captchaAuth) {
  log "Request flagged for CAPTCHA";
  error 601;
}

# Otherwise set the regular backend
set req.backend = F_origin_0;
set req.http.host = "example.com";