Contrib.social

Error message is wrong if reCAPTCHA is used as fallback captcha

Open on Drupal.org →
Created on 19 July 2022, about 2 years ago
Updated 15 December 2023, 10 months ago

Problem/Motivation

I'm using reCAPTCHA v3 as the main captcha, with the captcha from this module as fallback. I'm seeing a lot of errors in the logs, which made me think something was not configured right. But now, I think these errors are because of bots trying to submit the form without a reCAPTCHA token. The error message displayed is not clear.

Steps to reproduce

Disable JavaScript on a page with a form on which a captcha is active. The captcha_response element will have as value, which isn't overridden in JavaScript because it's not enabled. reCAPTCHA v3 will consider that value as a reCAPTCHA token and will try to validate it - even though the token is actually missing and thus shouldn't be validated at all.

Actual error message

Google reCAPTCHA v3 validation failed: The response parameter is invalid or malformed. Expected action did not match.

with $captcha_response being 'Google no captcha'

Expected error message

Google reCAPTCHA v3 validation failed: The response parameter is missing.

with $captcha_response being ''

Proposed resolution

Remove the Google no captcha default value.

🐛 Bug report
Status

Fixed

Version

3.0

Component

General

Created by

🇧🇪Belgium dieterholvoet Brussels

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Merge Requests

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024