-
Notifications
You must be signed in to change notification settings - Fork 779
Open
Description
I am using reCAPTCHA v3 in my React web application. During automated testing with ChromeDriver, the reCAPTCHA always returns a true response when I verify the token through the https://www.google.com/recaptcha/api/siteverify endpoint, regardless of the circumstances. This behavior occurs consistently during testing, which makes it difficult to accurately test the reCAPTCHA functionality.
const script = document.createElement('script')
script.src = "https://www.google.com/recaptcha/api.js?render=" + import.meta.env.VITE_GOOGLE_RECAPTCHA_SITE_Key;
script.addEventListener('load', () => {
(window as any).grecaptcha.ready(() => {
(window as any).grecaptcha.execute(import.meta.env.VITE_GOOGLE_RECAPTCHA_SITE_Key).then(async (token: any) => {
//setToken(token);
const recaptcha = {} as Recaptcha;
recaptcha.secret = import.meta.env.VITE_GOOGLE_RECAPTCHA_SECRET_Key;
recaptcha.token = token;
console.log(token);
const result = await verifyRecaptcha(recaptcha);
console.log(result);
// if(result.success){
// setIsVerified(true);
// console.log(token);
// }
})
})
})
document.body.appendChild(script);
},[])
const verifyRecaptcha = async (token: Recaptcha) : Promise<RecaptchaResponse> => {
try {
const result = await firstValueFrom(enmaxService.verifyRecaptcha(token));
console.log(result);
return result;
} catch (error) {
console.log(error);
throw new Error('reCAPTCHA verification failed');
}
};
in backend i am calling verify api
public async Task<IActionResult> VerifyRecaptcha([FromBody] RecaptchaViewmodel recaptchaViewmodel)
{
try
{
RecaptchaResponse recaptchaResponse = new RecaptchaResponse();
using (var client = new HttpClient())
{
var response = await client.PostAsync($"https://www.google.com/recaptcha/api/siteverify?secret={recaptchaViewmodel.Secret}&response={recaptchaViewmodel.Token}", null);
var responseString = await response.Content.ReadAsStringAsync();
if (response.IsSuccessStatusCode)
{
recaptchaResponse = JsonConvert.DeserializeObject<RecaptchaResponse>(responseString);
}
}
return Ok(recaptchaResponse);
}
catch (Exception e)
{
return BuildError(e);
}
}
here i got response every time true and score is 0.9 then how can we trust google recaptcha is working or not because version 3 is not identify automated driver.
Activity