发表新帖
发表新帖

Test invisible recaptcha

后端 未结
关注
8 1773
没有蜡笔的小新
没有蜡笔的小新 2020-12-13 17:55

We have integrated invisible recaptcha in one of our websites. Whenever we submit the form it automatically submits.

I read in some google groups that we would get

相关标签:
8条回答
  • 既然无缘
    2020-12-13 18:07

    I found an excellent answer that works as of 2018-08-27.

    In Chrome, hit F12 to open the Developer Console. Next, toggle the Device Toolbar, select a device and click Edit... Now, add a new device with the following configuration:

    Once you hit save and use the new device, the ReCaptcha should open a modal requiring the user to match images.

    Credit: This answer was originally posted on https://www.tectite.com/fmhowto/test-invisible-recaptcha.php?WWWTECTITE=p32j2na5otc4rmtbmfsmf9rci6

    0 讨论(0)
  • 猫巷女王i
    2020-12-13 18:12

    Invisible recaptcha check fails if you try to access your page via automated tests (in my case chrome browser) since chrome has a feature to recognize if the browsers is controlled by such software... so try to create easy tests in Python or Java(+webdriver), to see if recaptcha is implemented correctly.

    0 讨论(0)
  • 伪装坚强ぢ
    2020-12-13 18:14

    You can test invisible recaptcha by using Chrome emulator.

    You will need to add a new custom device (BOT) in developer tools, and set User Agent String to Googlebot/2.1 on Desktop. Then use the new BOT device when testing on your site to trigger the recaptcha authentication.

    Note: ReCaptcha v3 will still let the google bot pass as it has a score of 0.9 when emulating in Chrome.

    V2 INVISIBLE In this case just use Incognito or Private browsing to see it works.

    Here is the testing link where ReCaptcha is working: https://www.google.com/recaptcha/api2/demo?invisible=true

    Please give the credits to the guys in comments below.

    0 讨论(0)
  • 故里飘歌
    2020-12-13 18:16

    If you have the luxury of a VPN, switch to a bad rep IP or country or an IP commonly used for P2P. This works for me most of the time.

    0 讨论(0)
  • 离开以前
    2020-12-13 18:18

    The way I tackled it:

    1. Go to your POST to google.com/recaptcha/api/siteverify

    2. Before the response is returned, set the success property in the response to false.

    I'm using Guzzle in Laravel (thanks to this example):

    $response = $client->post('https://www.google.com/recaptcha/api/siteverify', [
    'query' => [
        'secret' => env('RECAPTCHA_V3_SECRET_KEY'),
        'response' => $value,
        'remoteip' => $_SERVER['REMOTE_ADDR'],
    ]
]);

$body = $response->getBody();

$contents = json_decode($body->getContents());

$contents->success = false;

return $contents;
    0 讨论(0)
  • 太阳男子
    2020-12-13 18:24

    If you did not implement the code yourself, the first thing to check is the source code, see if reCaptcha is actually loaded. When using a CMS, I search for this line (or similar):

    script type='text/javascript' async defer src='https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit&hl=de-CH'
    0 讨论(0)
 看不清?
提交回复
热议问题