reCaptcha - submitted form is validated?

Asked

Viewed 135 times

0

I am implementing reCaptcha, the box with the checkbox for the user to click and confirm that it is not a robot is being presented, but I have doubts if it is really working, because I am using:

"... if(grecaptcha.getResponse() == "")..." 

and I don’t know if any robot could circumvent that, since I’m not analyzing the response that the Google API returns, I just check for feedback.

Note: this page is HTML, but I will also complete the jsp reCaptcha.

Follows code:

function logar(){
	if (grecaptcha.getResponse() == "")
	 {
	      alert("Você não clicou no reCAPTCHA, por favor, faça!")
	      return false;
	 } else {
		 document.login.submit();
	 }
}
<script src='https://www.google.com/recaptcha/api.js?hl=pt' async defer></script>


<form class="form-inline" role="form" name="login" action="loginController.do" method="post">
  <div class="modal-body">
    Usuario: <input type="text" name="login">
    senha <input type="text" name="senha">
    <div class="g-recaptcha" data-sitekey="XX_chave_XX"></div>
  </div>
  <div class="modal-footer">
    <button type="button" class="btn btn-default" data-dismiss="modal">Fechar</button>
    <button type="button" class="btn btn-primary" onClick="logar()" >Login</button>
  </div>
</form>

Thank you very much!!

1 answer

0

If the user does not correctly mark the reCaptcha box, the return will not be an empty string, the way you are comparing. But an empty array. Therefore, you should check as follows:

var v = grecaptcha.getResponse();
if(v.length == 0)
{
    alert("Você não clicou no reCAPTCHA, por favor, faça!")
    return false;
} else {
     document.login.submit();
 }

I hope I’ve helped.

Browser other questions tagged

You are not signed in. Login or sign up in order to post.