[#16599] - Recaptcha invisible
- Closed
- 14 May 2018
- Medium
- Build: staging
- # 16599
- Diff
- AwesomIO:recaptcha-invisible
- Success hound 3 violations found. Details
- Success continuous-integration/drone/pr the build was successful Details
- Success continuous-integration/travis-ci/pr The Travis CI build passed Details
- Success continuous-integration/appveyor/pr AppVeyor build succeeded Details
- Error continuous-integration/jenkins/pr-merge This commit cannot be built Details
User tests: Successful: Unsuccessful:
Pull Request for Issue # .
Summary of Changes
Added invisible captcha on plg_captcha_recaptcha
Testing Instructions
- On https://www.google.com/recaptcha/admin select and create new invisible captcha.
- On Joomla Control panel activate and configur reCaptcha plugin
2.1. Insert your public and private keys
2.2. Select the Invisible version of catcha
2.3. Chose any of reposition the reCAPTCHA badge
(plagin setings http://joxi.ru/n2YVXzYUXBLOA6) - On Global Configuration panel choose captcha-reCaptcha
- Create testing contact and enable the display of the contact form
- Publish a contact with the contact form on any page of the site
Tested it on frontend!
Expected result
If you fill out the form manually and press "send" - captcha recognizes the person in you and allows sending. You will see a message about the successful sending of the form http://joxi.ru/EA4Z4paiLydbmb
To capture the robot in you, execute this code several times in the browser console
jQuery('#display-form').collapse('show'); var form = document.getElementById('contact-form'), inputCollection = form.getElementsByTagName('input'), inputCount = inputCollection.length; for(var i = 0; i < inputCount; i++){ item = inputCollection[i]; if(item.type == 'text'){ item.value = "blah-blah-blah"; } else if(item.type == 'email'){ item.value = "blah@blah.blah"; } else if(item.type == 'checkbox'){ item.checked = true; } else{ continue; } } var textareaCollection = form.getElementsByTagName('textarea'), textareaCount = textareaCollection.length; for(var i = 0; i < textareaCount; i++){ item = textareaCollection[i]; if(item.id === 'g-recaptcha-response') continue; item.value = "blah_blah_blah"; } form.submit();
If everything is done correctly, you will see an error message http://joxi.ru/8An9b03sYQqx2O
After several unsuccessful attempts, try sending the form manually. Captcha will show suspicion to you
http://joxi.ru/YmE03kqHdxnWr6
Thanks!
| Status | New | ⇒ | Pending |
joomla-cms-bot
- | Category | ⇒ | Administration Language & Strings JavaScript Front End Plugins |
| Labels |
Added:
?
?
|
||
General question: Are you sure you want to add this to the current recaptcha plugin instead of creating a new one? It has a slightly different API + markup + other JS include (so we have a lot if else now) ..
Not sure if it's worth it, but personally i have the feeling that having two plugins would make people's life easier.
@yvesh To create a new plug-in, you need to make changes to all the templates that use captcha
This is a lot of work and it is advisable to perform it on a new version (for example, on Joomla 4) For the new plug-in to work properly, you will have to make changes to all the templates in which the captcha is called.
In its present form, this is the management with the support of the new function and nothing more
This is my opinion and I'm ready to listen to criticism
I think it is OK to do it in this plugin, for the end user it is just another version they can select. For J4 we could decide to drop V1, is anybody still using that is something we can wonder.
Edit: When I created the invisible key, I can't even create a version 1 key anymore.
@kernusr All is working fine, the only thing I have a question about is how things are rendered. With the icon set to the right or left bottom it looks like this:
We have a Captcha field with a * that it is required and that may look confusing. I guess when we render the invisible captcha we shouldn't show the captcha field at all.
| Status | Pending | ⇒ | Information Required |
Version 1.0 of the reCAPTCHA API is no longer supported, please upgrade to Version 2.0.
No more reCaptcha 1.0 so we can drop that I guess, it only leads to problems if that option does not function.
thanks for this PR and the people that made an effort to test it
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/16599.
Version 1 is not supported but still works
Version 1 supported wildcards.
So if you had used wildcards and we remove support for v1 we break captcha on that site and they will need to get a new key for each domain
I completely agree with @brianteeman . At the moment, many people continue to use ReCaptcha v1 and disabling this feature will lead to problems in the operation of sites.
However, in Joomla 4 it is more reasonable to remove support for reCaptcha v1. This will not cause such problems because administrators and developers will have to carefully check each site that they update to Joomla 4. And getting a new key for each domain will not be a big deal.
We can't remove Version 1 now anyway because that would be a B/C break :) Having the discussion on where it is going is good.
I will try to solve this problem in the near future
Good. Let me know and I will test again.
Quote from developers.google.com:
If your site still uses reCAPTCHA v1, please update to reCAPTCHA v2 immediately. We no longer support reCAPTCHA v1, and can longer guarantee it will continue functioning. Please register a new key and upgrade to v2.
Google will no longer support ReCaptcha 1 and strongly recommends that you upgrade keys to reCaptcha 2. Why should we leave compatibility with a product that is no longer being accompanied?
I think that there is no point in supporting RePaptcha 1 in Joomla 4. Just need to add a message that you need to update the keys to re-access 2 similar to the message about switching to PHP 7. like this http://joxi.ru/KAgXBMEignxlDr only for reCaptcha
Just need to add a message that you need to update the keys to re-access 2 similar to the message about switching to PHP 7. like this http://joxi.ru/KAgXBMEignxlDr only for reCaptcha
I would go via a postinstall and not a message like the PHP one as not all sites uses this catcha and also not all of them use version 1. But i think this sould be a different issue. Can you open a new issue for that? I think i can build a postinstall for that issue than. And we can focus here on the catcha v3 ;)
If this PR get no Response, it will be closed at 17th September 2017.
This should not be closed since we have many requirements from users on the forums for this patch
| Status | Information Required | ⇒ | Discussion |
as this got Response Status is set on "Discussion".
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/16599.
Hi - this seems a good feature to implement :)
no update with this?
Sounds great
I agree, let's keep this in 1 PR and the other PR also makes it a standalone plugin which seems to be way to go.
| Status | Discussion | ⇒ | Closed |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2018-05-14 16:35:18 |
| Closed_By | ⇒ | roland-d |
I have tested this item✅ successfully on 9debe28
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/16599.