问题
REQ_PARAM_NAME::validated-captcha
REQ_PARAM_VALUE::Pair(false,Unable to validate in time. Response is assumed correct. 101781)
Why do I get this message from google?
The v2 reCaptcha checkbox is checked before submitting the form, but the server validation returns the above result and is rejected (Salesforce form rejects it).
** EDIT **
The website is a wordpress site. Here is the code I needed to add in the header:
<script src="https://www.google.com/recaptcha/api.js"></script>
<script> function timestamp() { var response = document.getElementById("g-recaptcha-response"); if (response == null || response.value.trim() == "") {var elems = JSON.parse(document.getElementsByName("captcha_settings")[0].value);elems["ts"] = JSON.stringify(new Date().getTime());document.getElementsByName("captcha_settings")[0].value = JSON.stringify(elems); } } setInterval(timestamp, 500);
</script>
The form has nothing special, but is submitted to Salesforce, so I do not validate the captcha myself:
<form action="https://webto.salesforce.com/servlet/servlet..." method=POST">
<input id="email" maxlength="80" name="email" size="20" type="text" />
<input type=hidden name='captcha_settings' value='{"keyname":"LOGIS_CO","fallback":"true","orgId":"00YXZ000000XYZ","ts":""}'>
<!-- some other fields -->
<div class="g-recaptcha" data-sitekey="xyz..."></div>
<br><input type="submit" name="submit">
The resulting message "...Unable to validate in time. Response is assumed correct. 101781)" was given to me by Salesforce support. So Salesforce form does receive the the posted form and they validate the captcha result.
In the end, Salesforce validates the resulting posted form, and they get that validated-captcha = false, Unable to validate in time. Response is assumed correct. 101781. and they reject the post. So Salesforce support asked me to check for this captcha error message myself...
回答1:
tl;dr When a visitor's system clock is lagging behind, the form cannot validated by SF, possibly considered as a delayed submission, so the error Unable to validate in time happens.
When I fill & submit the form, although I dont' have a SF setup, I can inspect what's being sent to SF server by using my browser's developer tools.
Apart from the usual fields, there was an additional information being sent to SF servers named ts inside the field captcha_settings which is a timestamp calculated with JavaScript by using client's system date.
It was not difficult to guess that it is being used for validation.
So I decided to create a SF account, luckily there was a 30-day trial option. After creating the account I created a web-to-case form with an auto response template simply says Case Successfully Created in Salesforce.
Acquired a reCAPTCHA v2 token for my test domain and put the form's HTML markup there and started to test.
I submitted the form 9-10 times with no problem. All cases created and I received an email for each one.
Then I set the system clock back two hours, submitted the form 2-3 times. The form was sent successfully as before, but this time nothing happened. I did not receive any email.
Then I adjusted system clock back to the correct time, and everything started working again as it should.
You can reproduce the issue by setting your computer's system clock a couple of hours back.
In summary, this is an issue that SF must fix. Relying on the client's system time, which is not a reliable source for a validation process, is definitely a bad choice. You may want to inform them about this problem.
Until SF does something, as a workaround, it would be OK to rely on a 3rd party timestamp service I think.
If you consider that, you can replace script tags in the header with the following.
<script src="https://www.google.com/recaptcha/api.js"></script>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js"></script>
<script>
var currentTimestamp;
$.getJSON( "http://icanhazepoch.com/", function( data ) {
currentTimestamp = data * 1000;
setInterval(timestamp, 500);
});
function timestamp() {
currentTimestamp += 500;
var response = document.getElementById("g-recaptcha-response");
if (response == null || response.value.trim() == "") {
var elems = JSON.parse(document.getElementsByName("captcha_settings")[0].value);
elems["ts"] = JSON.stringify(currentTimestamp);
document.getElementsByName("captcha_settings")[0].value = JSON.stringify(elems);
}
}
</script>
Whit this way, instead of client's system clock, the timestamp obtained from the service will be used by incrementing every 500ms.
I hope it helps you.
来源:https://stackoverflow.com/questions/58138707/google-recaptcha-unable-to-validate-in-time