- 🇨🇦Canada Liam Morland Ontario, CA 🇨🇦
8.x-2.x is no longer supported. If this applies to 8.x-3.x, please re-open.
This got "Closed (can be public)" from security.drupal.org
1. Enabling the recaptcha 8.x-2.4 and captcha 8.x-1.0-beta4 modules.
2. Enable Drupal page cache.
3. Add reCaptcha to any form.
4. Make sure caching works by getting same captcha_sid
and captcha_token
for form in each page request.
5. Submit the form by solving the reCaptcha. Copy the request as curl.
6. Alter the g-recaptcha-response
value and create new POST request with curl.
7. Altered POST request goes through without any captcha validation errors.
- Instead of recaptcha module use
simple_recaptcha →
, since it works with page cache and. At least as long as
#3095035: Is reCAPTCHA still being maintained? →
is not resolved.
-
#2219993-54: Enable cacheable captcha support (once 2449209 is committed) →
patch to recaptcha module to disable cache.
Closed: outdated
2.0
General
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.
8.x-2.x is no longer supported. If this applies to 8.x-3.x, please re-open.