Recaptcha error callback

This page explains how to display and customize the reCAPTCHA v2 widget on your webpage.

To display the widget, you can either:

• Automatically render the widget or
• Explicitly render the widget

See Configurations to learn how to customize your widget. For example, you may want to specify the language or theme for the widget.

See Verifying the user’s response to check if the user successfully solved the CAPTCHA.

Automatically render the reCAPTCHA widget

The easiest method for rendering the reCAPTCHA widget on your page is to include
the necessary JavaScript resource and a g-recaptcha tag. The g-recaptcha tag
is a DIV element with class name g-recaptcha and your site key in the
data-sitekey attribute:

<html>
  <head>
    <title>reCAPTCHA demo: Simple page</title>
    <script src="https://www.google.com/recaptcha/api.js" async defer></script>
  </head>
  <body>
    <form action="?" method="POST">
      <div class="g-recaptcha" data-sitekey="your_site_key"></div>
      <br/>
      <input type="submit" value="Submit">
    </form>
  </body>
</html>

The script must be loaded using the HTTPS protocol and can be included from any
point on the page without restriction.

Explicitly render the reCAPTCHA widget

Deferring the render can be achieved by specifying your onload callback function
and adding parameters to the JavaScript resource.

1. Specify your onload callback function.  This function will get called when
   all the dependencies have loaded.

   <script type="text/javascript">
     var onloadCallback = function() {
       alert("grecaptcha is ready!");
     };
   </script>
   

2. Insert the JavaScript resource, setting the onload parameter to the name
   of your onload callback function and the render parameter to explicit.

   <script src="https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit"
       async defer>
   </script>
   

   When your callback is executed, you can call the grecaptcha.render method
   from the JavaScript API.

Configuration

JavaScript resource (api.js) parameters

g-recaptcha tag attributes and grecaptcha.render parameters

JavaScript API

Examples

Explicit rendering after an onload callback

<html>
  <head>
    <title>reCAPTCHA demo: Explicit render after an onload callback</title>
    <script type="text/javascript">
      var onloadCallback = function() {
        grecaptcha.render('html_element', {
          'sitekey' : 'your_site_key'
        });
      };
    </script>
  </head>
  <body>
    <form action="?" method="POST">
      <div id="html_element"></div>
      <br>
      <input type="submit" value="Submit">
    </form>
    <script src="https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit"
        async defer>
    </script>
  </body>
</html>

Explicit rendering for multiple widgets

<html>
  <head>
    <title>reCAPTCHA demo: Explicit render for multiple widgets</title>
    <script type="text/javascript">
      var verifyCallback = function(response) {
        alert(response);
      };
      var widgetId1;
      var widgetId2;
      var onloadCallback = function() {
        // Renders the HTML element with id 'example1' as a reCAPTCHA widget.
        // The id of the reCAPTCHA widget is assigned to 'widgetId1'.
        widgetId1 = grecaptcha.render('example1', {
          'sitekey' : 'your_site_key',
          'theme' : 'light'
        });
        widgetId2 = grecaptcha.render(document.getElementById('example2'), {
          'sitekey' : 'your_site_key'
        });
        grecaptcha.render('example3', {
          'sitekey' : 'your_site_key',
          'callback' : verifyCallback,
          'theme' : 'dark'
        });
      };
    </script>
  </head>
  <body>
    <!-- The g-recaptcha-response string displays in an alert message upon submit. -->
    <form action="javascript:alert(grecaptcha.getResponse(widgetId1));">
      <div id="example1"></div>
      <br>
      <input type="submit" value="getResponse">
    </form>
    <br>
    <!-- Resets reCAPTCHA widgetId2 upon submit. -->
    <form action="javascript:grecaptcha.reset(widgetId2);">
      <div id="example2"></div>
      <br>
      <input type="submit" value="reset">
    </form>
    <br>
    <!-- POSTs back to the page's URL upon submit with a g-recaptcha-response POST parameter. -->
    <form action="?" method="POST">
      <div id="example3"></div>
      <br>
      <input type="submit" value="Submit">
    </form>
    <script src="https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit"
        async defer>
    </script>
  </body>
</html>

This page describes methods of the reCAPTCHA Enterprise JavaScript API
and their configuration parameters that you can
use to render the web pages with a site key.

JavaScript API

The following table lists the methods of the reCAPTCHA Enterprise JavaScript
API.

Configuration

JavaScript resource (enterprise.js) parameters

The following table lists the parameters of the JavaScript resource (enterprise.js)
that you can use to render a widget automatically or explicitly on a web page.

g-recaptcha tag attributes and grecaptcha.enterprise.render parameters

The following table lists the g-recaptcha tag attributes and the corresponding
grecaptcha.enterprise.render() parameters.

Google introduced a no CAPTCHA reCAPTCHA API in December 2014. The reCAPTCHA plugin, which protects your contact and registration forms against spam, has been updated in Joomla! 3.4.0. While still supporting the old reCAPTCHA 1.0, you can use the reCAPTCHA version 2.0. A significant number of your users can now attest they are human without having to solve a CAPTCHA. Instead with just a single click, they’ll confirm they are not a robot!

As of Joomla 3.9, a new plugin CAPTCHA — Invisible reCAPTCHA has been added, allowing you to use Invisible reCAPTCHA on your websites. It allows you to validate requests in the background. Your users don’t have to perform any action to validate a form.

Get reCAPTCHA[edit]

• Go to: https://www.google.com/recaptcha
• Click on the top right button Admin Console or Get ReCaptcha.
• Sign in with your Google account. If you don’t have one, create one.
• Choose the type of reCAPTCHA you would like to use. Prefer the reCAPTCHA V3 type.
• Register your new site by filling the necessary fields.

For additional guidance in choosing the type of reCAPTCHA, visit Google’s Guide page,
Choosing the type of reCAPTCHA.

Google reCAPTCHA will provide you two keys:

• One Site key
• One Secret key

Set Up Captcha[edit]

Choose one of the reCAPTCHA types below.

Set Up Captcha — reCAPTCHA Plugin (V2 Only)[edit]

• Log into your website’s Administrator.
• Go to Extensions → Plugins → CAPTCHA — reCAPTCHA
• Edit the plugin:
  • Status Set to Enable.
  • Version Choose 2.0.
  • Site key and Secret key Copy and paste the Site and Secret keys provided by Google reCAPTCHA into their appropriate fields.
  • Theme Choose one of the two available themes.
  • Click Save & Close.

Set Up CAPTCHA — Invisible reCAPTCHA Plugin[edit]

• Login to your website’s Administrator.
• Go to Extensions → Plugins → CAPTCHA — Invisible reCAPTCHA
• Edit the plugin:
  • Status: Set to Enable.
  • Site key and Secret key Copy and paste the Site and Secret keys provided by Google reCAPTCHA into their appropriate fields.
  • Badge Select the position of the badge on your front end.
  • Tabindex The tabindex of the challenge. This option can be useful if other elements on your page use tabindex and you want to make the navigation easier. The default value is 0, but you can change it so that your user can focus on the challenge after a certain amount of tab hits.
  • Callback (Optional) JavaScript callback, executed after successful reCAPTCHA response
  • Expired callback (Optional) JavaScript callback, executed when the reCAPTCHA expired
  • Error callback (Optional) A JavaScript callback, executed when the reCAPTCHA encounters an error
  • Click Save & Close.

Enable CAPTCHA — reCAPTCHA or CAPTCHA — Invisible reCAPTCHA[edit]

For Contact and Registration Form[edit]

• Go to System → Global Configuration → Site tab
• Default Captcha Select CAPTCHA — reCAPTCHA or CAPTCHA — Invisible reCAPTCHA.
• Click Save & Close.

Edit the Contact Form Options Setting

• Go to Components → Contacts → Options → Form tab → Allow Captcha on Contact.
• Select Use Global
• Select Save and Close

For the Registration Form Only[edit]

• Go to Users → Manage
• Click on the Options button at the top right and select the User Options tab.
• In the CAPTCHA option, choose one of the following:
  • None Selected: This setting ignores the Default CAPTCHA setting in Global Configuration. Use it when you want reCAPTCHA in the Contact forms but not in the Registration form.
  • CAPTCHA — reCAPTCHA/CAPTCHA — Invisible reCAPTCHA: Only needed if the default CAPTCHA in Global Configuration is set to None Selected but you want the reCAPTCHA in the Registration form only, and not in the contact forms.
• Click Save & Close.

You can now use the reCAPTCHA in your forms.
Test your reCAPTCHA to ensure it is working correctly.

Статья, в которой рассмотрим, как подключить recaptcha к форме обратной связи, работающей по технологии ajax.

Google reCAPTCHA – это сервис для защиты вашего сайта от ботов и других атак.

Формы обратной связи, комментирования, регистрации, авторизации, оформление заказа довольно часто подвергаются спам атаке. Чтобы их защитить от ботов и злоупотребление можно воспользоваться reCAPTCHA.

Версии Google reCAPTCHA:

• reCAPTCHA v2 – проверка пользователя с нажатием на флажок «Я не робот» («I’m not a robot»), бесплатно до 1 млн проверок в месяц;
• reCAPTCHA v3 – проверка пользователя в фоновом режиме не требующая от него никаких действий (бесплатно до 1 млн запросов в месяц);
• reCAPTCHA Enterprise – предназначена для комплексной защиты всего сайта от мошеннических действий (версия платная, ориентировочная стоимость около 1$ за 1000 запросов).

Подключение reCAPTCHA v2 или v3

Установку Google reCAPTCHA v2 или v3 для проверки форм можно представить в виде следующих шагов:

• получение ключей (site и secret) для сайта;
• вставка виджета и скриптов гугл капчи на HTML страницу;
• передача ответа на сервер;
• получение на сервере результата решения капчи.

Получение ключей reCAPTCHA

Получение ключей для reCAPTCHA v2 или v3 необходимо перейти на страницу «www.google.com/recaptcha/admin».

Для доступа к консоли администратора необходимо иметь аккаунт в Gmail. Если учётной записи нет, то её нужно завести.

После этого необходимо нажать на значок «+».

В открывшейся форме нужно:

• вести название ярлыка (например, Мой сайт);
• выбрать нужный тип reCAPTCHA;
• укажите один или несколько доменов (например, «mysite.ru»);
• принять условия использования reCAPTCHA.

После заполнения всех полей нажать на кнопку «Отправить».

При успешной регистрации Google будут выданы 2 ключа:

• публичный (его нужно вставить в HTML-код);
• секретный (на сервере, для установления обмена данными между сайтом и сервисом reCAPTCHA, т.е. для получения ответа о результатах решения капчи пользователем);

Установка recaptcha на сайт

Подключение reCAPTCHA к сайту (странице) осуществляется как на стороне клиента (в HTML), так на стороне сервера (в PHP).

Разберём, как это осуществляется более подробно. В качестве примере выберем ajax форму обратной связи.

Подключение recaptcha к HTML-документу

Подключение виджета reCAPTCHA к странице осуществляется посредством выполнения 2 действий:

1. Включения в страницу JavaScript скрипта recaptcha.
2. Добавление элемента div с классом "g-recaptcha" и атрибутом data-sitekey, имеющий в качестве значения ваш публичный ключ (public key) капчи.

Кроме этого, добавим на страницу ещё элемент div с идентификатором id=»recaptchaError». Данный элемент будем использовать для отображения ошибки, связанной с google racaptcha.

<!-- добавление элемента div -->
<div class="g-recaptcha" data-sitekey="6KepjAsTFFFFFFMqccY0ZiGqc3TEd3YVxo8cHsGX"></div>

<!-- элемент для вывода ошибок -->
<div class="text-danger" id="recaptchaError"></div>

<!-- js-скрипт гугл капчи -->
<script src='https://www.google.com/recaptcha/api.js'></script>

Кроме этого необходимо будет внести ещё изменения в файл script.js, т.к. форма обратной связи отправляется на сервер через AJAX.

// Работа с виджетом recaptcha
// 1. Получить ответ гугл капчи
var captcha = grecaptcha.getResponse();

// 2. Если ответ пустой, то выводим сообщение о том, что пользователь не прошёл тест.
// Такую форму не будем отправлять на сервер.
if (!captcha.length) {
  // Выводим сообщение об ошибке
  $('#recaptchaError').text('* Вы не прошли проверку "Я не робот"');
} else {
  // получаем элемент, содержащий капчу
  $('#recaptchaError').text('');
}

// 3. Если форма валидна и длина капчи не равно пустой строке, то отправляем форму на сервер (AJAX)
if ((formValid) && (captcha.length)) {
  ...
  // добавить в formData значение 'g-recaptcha-response'=значение_recaptcha
  formData.append('g-recaptcha-response', captcha);
  ...
}

// 4. Если сервер вернул ответ error, то делаем следующее...
// Сбрасываем виджет reCaptcha
grecaptcha.reset();
// Если существует свойство msg у объекта $data, то...
if ($data.msg) {
  // вывести её в элемент у которого id=recaptchaError
  $('#recaptchaError').text($data.msg);
}

Интегрирование recaptcha в php скрипт

Установка recaptcha в скрипт php осуществляется посредством внесения в файл process.php следующих изменений:

• создание переменной $secret, содержащей секретный ключ вашего сайта;
• подключения клиентской библиотеки reCAPTCHA PHP посредством включения в скрипт файла autoload.php;
• проверка наличия ключа g-recaptcha-response в суперглобальном массиве POST;
• если данное имя (g-recaptcha-response) есть, то создать экземпляр службы recaptcha, используя ваш секретный ключ;
• получить результат проверки кода: если результат положительный, то выполнить необходимые действия (например, отправить информацию на почту).
• если возникла ошибка, то отправить клиенту отрицательный результат.

// ваш секретный ключ
$secret = '6NepjAsGBBABBN7_Qy9yfzShcKmc70X2kXQyX1WO';
// однократное включение файла autoload.php (клиентская библиотека reCAPTCHA PHP)
require_once (dirname(__FILE__).'/recaptcha/autoload.php');
// если в массиве $_POST существует ключ g-recaptcha-response, то...
if (isset($_POST['g-recaptcha-response'])) {
  // создать экземпляр службы recaptcha, используя секретный ключ
  $recaptcha = new ReCaptchaReCaptcha($secret);
  // получить результат проверки кода recaptcha
  $resp = $recaptcha->verify($_POST['g-recaptcha-response'], $_SERVER['REMOTE_ADDR']);
  // если результат положительный, то...
  if ($resp->isSuccess()){
    // действия, если код captcha прошёл проверку
    //...
  } else {
    // иначе передать ошибку
    $errors = $resp->getErrorCodes();
    $data['error-captcha']=$errors;
    $data['msg']='Код капчи не прошёл проверку на сервере';
    $data['result']='error';
  }

} else {
  //ошибка, не существует ассоциативный массив $_POST["send-message"]
  $data['result']='error';
}

Готовая форма обратной связи с recaptcha

Бесплатно загрузить форму обратной связи с recaptcha можно по следующей ссылке:

Форма обратной связи с recaptcha

Изображения готовой формы, в которую интегрирована recaptcha.

Статьи, связанные с этой темой:

• Форма обратной связи на php, html и bootstrap
• Всплывающая форма обратной связи

captchaai.com API

CaptchaAI is an AI-powered image and CAPTCHA recognition service. captchaAI’s main purpose is solving your CAPTCHAs in a quick and cost effictive way by using AI «Artificial Intelligence».

Introduction

We provide an API that allows you to automate the process and integrate your software with our service.

We also have a software to emulate other captcha services. Check CaptchaAI Emulator

There are few simple steps to solve your captcha or recognize the image:

• 1. Send your image or captcha to our server.
• 2. Get the ID of your task.
• 3. Start a cycle that checks if your task is completed.
• 4. Get the result.

Solving Captchas

Our API is based on HTTP requests and supports both HTTP and HTTPS protocols.

API endpoints:

• https://ocr.captchaai.com/in.php is used to submit a captcha
• https://ocr.captchaai.com/res.php is used to get the captcha solution

NEW For image captcha, now you can use https://ocr.captchaai.com/solve.php instead of in.php to directly get the results.

The process of solving captchas with captchaai is really easy and it’s mostly the same for all types of captchas:

1. Get your API key from your API key. Each user is given a unique authentication token, we call it API key. It’s a 32-characters string that looks like:
   347bc2896fc1812d3de5ab56a0bf4ea7
   
   This key will be used for all your requests to our server.
2. Submit a HTTP POST request to our API URL:
   https://ocr.captchaai.com/in.php with parameters corresponding to the type of your captcha.
   Server will return captcha ID or an error code if
   something went wrong.
3. Make a timeout: 20 seconds for reCAPTCHA, 5 seconds for other types of captchas.
4. Submit a HTTP GET request to our API URL:https://ocr.captchaai.com/res.php to get the result.
   If captcha is already solved server will return the answer in format corresponding to the type of your captcha.
   By default answers are returned as plain text like: OK|Your answer. But answer can also be returned as JSON {«status»:1,»request»:»TEXT»} if json parameter is used.
   If captcha is not solved yet server will return CAPCHA_NOT_READY result. Repeat your request in 5 seconds.
   If something went wrong server will return an error code.

Normal Captcha

Normal Captcha is an image that contains distored but human-readable text. To solve the captcha user have to type the text from the image.

To solve the captcha with our service you have to submit the image with HTTP POST
request to our API URL: https://ocr.captchaai.com/in.php
Server accepts images in multipart or base64 format.

NEW For image captcha, now you can use https://ocr.captchaai.com/solve.php instead of in.php to directly get the results.

Multipart sample form

  
  Your key:
  
  The CAPTCHA file:
  
  

YOUR_APIKEY is Your API key.

Base64 sample form

  
  Your key:
  
  The CAPTCHA file body in base64 format:
    
    

YOUR_APIKEY is here your API key.

BASE64_FILE is base64-encoded image body.

You can provide additional parameters with your request to define what kind of captcha you’resending and to help OCR servers to solve your captcha correctly. You can find the full list of parameters in the table below.

If everything is fine server will return the ID of your captcha as plain text, like:OK|123456789 or as JSON {«status»:1,»request»:»123456789″} if json parameter was used.

If something went wrong server will return an error. See Error Handling chapter for the list of errors.

Make a 5 seconds timeout and submit a HTTP GET request to our API URL: https://ocr.captchaai.com/res.php providing the captcha ID. The list of parameters is in the table below.

If everything is fine and your captcha is solved server will return the answer as plain text, like: OK|TEXT or as JSON {«status»:1,»request»:»TEXT»} if json parameter was used.

Otherwise server will return CAPCHA_NOT_READY that means that your captcha is not solved yet. Just repeat your request in 5 seconds.

If something went wrong server will return an error. See Error Handling chapter for the list of errors.

List of POST request parameters for https://ocr.captchaai.com/in.php

List of GET request parameters for https://ocr.captchaai.com/res.php

Request URL example:

https://ocr.captchaai.com/res.php?key=347bc2896fc1812d3de5ab56a0bf4ea7&action=get&id=123456789

reCAPTCHA V2

reCAPTCHA V2 also known as I’m not a robot reCAPTCHA is a very popular type of captcha that looks like this:

Solving reCAPTCHA V2 with our method is pretty simple:

1. Look at the element’s code at the page where you found reCAPTCHA.



2. Find a link that begins with www.google.com/recaptcha/api2/anchor or find data-sitekey parameter.

3. Copy the value of k parameter of the link (or value of data-sitekey parameter).



4. Submit a HTTP GET or POST request to our API URL: https://ocr.captchaai.com/in.php with method set to userrecaptcha and the value found on previous step as value for googlekey and full page URL as value for pageurl. Sending proxies is not obligatory ar the moment but it’s recommended.
   You can find the full list of parameters in the table below.

   Request URL example:

   https://ocr.captchaai.com/in.php?key=347bc2896fc1812d3de5ab56a0bf4ea7&method=userrecaptcha&googlekey=6Le-wvkSVVABCPBMRTvw0Q4Muexq1bi0DJwx_mJ-&pageurl=https://mysite.com/page/with/recaptcha

5. If everything is fine server will return the ID of your captcha as plain text, like:
   OK|123456789 or as JSON {«status»:1,»request»:»123456789″} if
   json parameter was used.
   Otherwise server will return an error code.

6. Make a 15-20 seconds timeout then submit a HTTP GET request to our API URL:
   https://ocr.captchaai.com/res.php to get the result.
   The full list of parameters is in the table below.

   If captcha is already solved server will respond in plain text or JSON and return the
   answer token that looks like:

   03AHJ_Vuve5Asa4koK3KSMyUkCq0vUFCR5Im4CwB7PzO3dCxIo11i53epEraq-uBO5mVm2XRikL8iKOWr0aG50sCuej9bXx5qcviUGSm4iK4NC_Q88flavWhaTXSh0VxoihBwBjXxwXuJZ-WGN5Sy4dtUl2wbpMqAj8Zwup1vyCaQJWFvRjYGWJ_TQBKTXNB5CCOgncqLetmJ6B6Cos7qoQyaB8ZzBOTGf5KSP6e-K9niYs772f53Oof6aJeSUDNjiKG9gN3FTrdwKwdnAwEYX-F37sI_vLB1Zs8NQo0PObHYy0b0sf7WSLkzzcIgW9GR0FwcCCm1P8lB-50GQHPEBJUHNnhJyDzwRoRAkVzrf7UkV8wKCdTwrrWqiYDgbrzURfHc2ESsp020MicJTasSiXmNRgryt-gf50q5BMkiRH7osm4DoUgsjc_XyQiEmQmxl5sqZP7aKsaE-EM00x59XsPzD3m3YI6SRCFRUevSyumBd7KmXE8VuzIO9lgnnbka4-eZynZa6vbB9cO3QjLH0xSG3-egcplD1uLGh79wC34RF49Ui3eHwua4S9XHpH6YBe7gXzz6_mv-o-fxrOuphwfrtwvvi2FGfpTexWvxhqWICMFTTjFBCEGEgj7_IFWEKirXW2RTZCVF0Gid7EtIsoEeZkPbrcUISGmgtiJkJ_KojuKwImF0G0CsTlxYTOU2sPsd5o1JDt65wGniQR2IZufnPbbK76Yh_KI2DY4cUxMfcb2fAXcFMc9dcpHg6f9wBXhUtFYTu6pi5LhhGuhpkiGcv6vWYNxMrpWJW_pV7q8mPilwkAP-zw5MJxkgijl2wDMpM-UUQ_k37FVtf-ndbQAIPG7S469doZMmb5IZYgvcB4ojqCW3Vz6Q

   If captcha is not solved yet server will return CAPCHA_NOT_READY result. Repeat your request in 5 seconds.

   If something went wrong server will return an error code.

7. Locate the element with id g-recaptcha-response and make it visible deleting display:none parameter.

   

   Please note: sometimes content on the page is generated dynamically and you will not see this element in html source.
   In such cases you have to explore javascript code that generates the content. «Inspect» option in Google Chrome can help in that.

   As an alternative you can just use javascript to set the value of g-recaptcha-response field:

   document.getElementById("g-recaptcha-response").innerHTML="TOKEN_FROM_captchaai";

8. An input field will appear on the page. And you just have to paste the answer token to that field and submit the form.



9. Congratulations, you’ve passed the recaptcha

reCAPTCHA Callback

Sometimes there’s no submit button and a callback function is used isntead. The function is when reCAPTCHA is solved.

Callback function is usually defined in data-callback parameter of reCAPTCHA, for example:

data-callback="myCallbackFunction"

Or sometimes it’s defined as callback parameter of grecaptcha.render function, for example:

grecaptcha.render('example', {'sitekey' : 'someSitekey','callback' : myCallbackFunction,'theme' : 'dark'});

Also there’s another way to find the callback function — open javascript console of your browser and explore reCAPTCHA configuration object:

___grecaptcha_cfg.clients[0].aa.l.callback

Note that aa.l may change and there can be multiple clients so you have to check clients[1], clients[2] too.

Finally all you have to do is to call that function:

myCallbackFunction();

Or even this way:

___grecaptcha_cfg.clients[0].aa.l.callback();

Sometimes it is required to provide an argument and in most cases you should put the token there. For example:

myCallbackFunction('TOKEN');

Invisible reCAPTCHA V2

reCAPTCHA V2 also has an invisible version.
You may check how it looks like here: https://www.google.com/recaptcha/api2/demo?invisible=true
We added parameter invisible=1 that should be used for invisible reCAPTCHA.

Invisible reCAPTCHA is located on a DIV layer positioned -10 000 px from top that makes it invisible for user.

reCAPTCHA is activated on page load or on user’s actions like click somewhere or submit a form — that depends on the website. If user’s cookies are good enough then he will just pass it utomatically and no additional actions will be required. Otherwise user will see standard eCAPTCHA form with a challenge.

In most cases when challenge is completed a callback function is executed. You can read more about callback here.

If you are still not sure — there are few ways to determine that reCAPTCHA is in invisible mode:

• You don’t see «I’m not a robot» checkbox on the page but getting recaptcha challenge making some actions there
• reCAPTCHA’s iframe link contains parameter size=invisible
• reCAPTCHA’s configuration object contains parameter size that is set to invisible, for example ___grecaptcha_cfg.clients[0].aa.l.size is equal to invisible

How to bypass invisible reCAPTCHA in browser?

Method 1: using javascript:

1. Change the value of g-recaptcha-response element to the token you received from our server:

document.getElementById("g-recaptcha-response").innerHTML="TOKEN_FROM_captchaai"; 

2. Execute the action that needs to be performed on the page after solving reCAPTCHA.

Usually there’s a form that should be submitted and you need to identify the form by id or name or any other attribute and then submit the form. Here are few examples:

document.getElementById("recaptcha-demo-form").submit(); //by id "recaptcha-demo-form"
document.getElementsByName("myFormName")[0].submit(); //by element name "myFormName"
document.getElementsByClassName("example").submit(); //by class name "example"

Or sometimes there’s a callback function executed when reCAPTCHA is solved.

Callback function is usually defined in data-callback parameter of reCAPTCHA, for example:

data-callback="myCallbackFunction"

Or sometimes it’s defined as callback parameter of
grecaptcha.render function, for example:

grecaptcha.render('example', {
  'sitekey' : 'someSitekey',
  'callback' : myCallbackFunction,
  'theme' : 'dark'
});

And all you have to do is to call that function:

myCallbackFunction();

3. Voila! You’ve done that with just 2 strings of code.

Method 2: changing HTML:

1. Cut the div containing reCAPTCHA from page body.
2. Cut the whole block:
3. Put the following code instead of the block you’ve just cut:

Where %g-recaptcha-response% — is an answer token you’ve got from our service.

4. You will see “Submit query” button.
   Press the button to submit the form with g-recaptcha-response and all other form
   data to the website.

List of GET/POST request parameters for https://ocr.captchaai.com/in.php

List of GET request parameters for https://ocr.captchaai.com/res.php

Request URL example:

https://ocr.captchaai.com/res.php?key=347bc2896fc1812d3de5ab56a0bf4ea7&action=get&id=123456789

reCAPTCHA V3

reCAPTCHA V3 is the newest type of captcha from Google. It has no challenge so there is no need for user interaction. Instead it uses a «humanity» rating — score.

reCAPTCHA V3 technically is quite similar to reCAPTCHA V2: customer receives a token from
reCAPTCHA API which is then sent inside a POST request to the target website and
verified via reCAPTCHA API.

The difference is now reCAPTCHA API returns rating of a user detecting whether he was a real human or a bot. This rating is called score and could be a number from 0.1 to 0.9. his score is passed to the website which then decides what to do with the user request.

Also there is a new parameter action allowing to process user actions on the website differently. After the verification of token reCAPTCHA API returns the name of the action user performed.

How to solve reCAPTCHA V3 using captchaai:

1. First you’ve got to be sure the target website is actually using reCAPTCHA V3

   There should be V3 if:

   • there is no captcha and no images to click on
   • api.js script is loading with the render=sitekey parameter, for example:
     https://www.google.com/recaptcha/api.js?render=6LfZil0UAAAAAAdm1Dpzsw9q0F11-bmervx9g5fE
   • clients array of ___grecaptcha_cfg object is using index 100000: ___grecaptcha_cfg.clients[100000]

2. To start solving reCAPTCHA V3 using our API first you’ve got to find three
   parameters:

   sitekey — this parameter could be obtained from the URI of
   api.js as a value of render parameter. It could also be found inside
   URI of iframe with reCAPTCHA, in javascript code of the website where it’s
   calling grecaptcha.execute function or in ___grecaptcha_cfg configuration
   object.

   action — you’ve got to find this inspecting javascript code of the website looking for call of grecaptcha.execute function. Example:
   grecaptcha.execute(‘6LfZil0UAAAAAAdm1Dpzsw9q0F11-bmervx9g5fE’, {action:
   do_something}).
   Sometimes it’s really hard to find it and you’ve got to dig through all js-files loaded by website. You may also try to find the value of action parameter inside___grecaptcha_cfg configuration object but usually it’s undefined. In that case you have to call grecaptcha.execute and inspect javascript code. If you can’t find it try to use the default value «verify» — our API will use it if you don’t provide action in your request.

   pageurl — full URL of the page where you see the reCAPTCHA V3.

   Now you need to understand the score you need to solve V3. You can’t
   predict what score is acceptable for the website you want to solve at. It can
   only be figured out by trial and error. The lowest score is 0.1 which means
   «robot», the highest is 0.9 which means «human». But most sites uses thresholds
   from 0.2 to 0.5 because real humans receive a low score oftenly. Our service is
   able to provide solutions which requires the score of 0.3. Higher score is
   extreamly rare.

3. Having all necessary parameters stated above you may send request to our API.

4. Submit a HTTP GET or POST request to our API URL:
   
   https://ocr.captchaai.com/in.php
   with method set to
   userrecaptcha and version set to v3 along with
   min_score set to score website requires, sitekey inside
   googlekey parameter and full page URL as value for pageurl.
   You have to include action parameter to or else we will use default
   value verify.

   List of request parameters below.

   URL request sample:

   https://ocr.captchaai.com/in.php?key=347bc2896fc1812d3de5ab56a0bf4ea7&method=userrecaptcha&version=v3&action=verify&min_score=0.3&googlekey=6LfZil0UAAAAAAdm1Dpzsw9q0F11-bmervx9g5fE&pageurl=https://mysite.com/page/

5. If everything is fine server will return the ID of your captcha as plain text,like: OK|123456789 or as JSON
   {«status»:1,»request»:»123456789″} if json parameter was used.

   If something went wrong server will return an error. See Error Handling chapter for the list of errors.

6. Make a 10-15 seconds timeout and submit a HTTP GET request to our API
   https://ocr.captchaai.com/res.php providing the captcha ID. The list of parameters is in the table below.

   If everything is fine and your captcha is solved server will return the answer as plain text or as JSON. The answer is a token like this:

   03AHJ_Vuve5Asa4koK3KSMyUkCq0vUFCR5Im4CwB7PzO3dCxIo11i53epEraq-uBO5mVm2XRikL8iKOWr0aG50sCuej9bXx5qcviUGSm4iK4NC_Q88flavWhaTXSh0VxoihBwBjXxwXuJZ-WGN5Sy4dtUl2wbpMqAj8Zwup1vyCaQJWFvRjYGWJ_TQBKTXNB5CCOgncqLetmJ6B6Cos7qoQyaB8ZzBOTGf5KSP6e-K9niYs772f53Oof6aJeSUDNjiKG9gN3FTrdwKwdnAwEYX-F37sI_vLB1Zs8NQo0PObHYy0b0sf7WSLkzzcIgW9GR0FwcCCm1P8lB--gf50q5BMkiRH7osm4DoUgsjc_XyQiEmQmxl5sqZP7aKsaE-EM00x59XsPzD3m3YI6SRCFRUevSyumBd7KmXE8VuzIO9lgnnbka4-eZynZa6vbB9cO3QjLH0xSG3--o-fxrOuphwfrtwvvi2FGfpTexWvxhqWICMFTTjFBCEGEgj7_IFWEKirXW2RTZCVF0Gid7EtIsoEeZkPbrcUISGmgtiJkJ_KojuKwImF0G0CsTlxYTOU2sPsd5o1JDt65wGniQR2IZufnPbbK76Yh_KI2DY4cUxMfcb2fAXcFMc9dcpHg6f9wBXhUtFYTu6pi5LhhGuhpkiGcv6vWYNxMrpWJW_pV7q8mPilwkAP-zw5MJxkgijl2wDMpM-UUQ_k37FVtf-ndbQAIPG7S469doZMmb5IZYgvcB4ojqCW3Vz6Q

   If the captcha is not solved yet server will return CAPCHA_NOT_READY.Just repeat your request in 5 seconds.

   If something went wrong server will return an error. See Error Handling chapter for the list of errors.

   Sample request:

   https://ocr.captchaai.com/res.php?key=347bc2896fc1812d3de5ab56a0bf4ea7&action=get&json=1&id=123456789

7. After receiving the token from our API you’ve got to use it properly on the
   target website. Best way to understant that is to check the requests sent to
   site when you act as a normal user. Most browsers has developer’s console tool
   where you should check Network tab.

   Usually token is sent using POST request. It could be g-recaptcha-response just like reCAPTCHA V2 does or g-recaptcha-response-100000. It could be other parameter too. So you’vegot to inspect the requests and find out how exactly the token supposed to be sent. Then you have to compose your request accordingly.

List of GET/POST request parameters for https://ocr.captchaai.com/in.php

List of GET request parameters for https://ocr.captchaai.com/res.php

hCaptcha

hCaptcha is a quite new type of captcha that is really similar to reCAPTCHA and looks
like this:

Solving hCaptcha is pretty simple:

1. Find the value of data-sitekey parameter in the source code of the page.

2. Submit a HTTP GET or POST request to our API URL:
   http://ocr.captchaai.com/in.php with method set to hcaptcha and
   provide the value found on previous step as value for sitekey and full page
   URL as value for pageurl.
   You can find the full list of
   parameters in the table below.

   Request URL example:

   http://ocr.captchaai.com/in.php?key=1abc234de56fab7c89012d34e56fa7b8&method=hcaptcha&sitekey=10000000-ffff-ffff-ffff-000000000001&pageurl=http://mysite.com/register

3. If everything is fine server will return the ID of your captcha as plain text, like:
   OK|2122988149 or as JSON {«status»:1,»request»:»2122988149″} if
   json parameter was used.
   Otherwise server will return an error code.

4. Make a 15-20 seconds timeout then submit a HTTP GET request to our API URL:
   http://ocr.captchaai.com/res.php to get the result.
   The full list of parameters is in the table below.

   If captcha is already solved server will respond in plain text or JSON and return the
   answer token that looks like:

   P0_eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJwYXNza2V5IjoiNGQ3MTI5ZmUtOTQxZi00NGQ4LWI5MzYtMzAwZjUyMmM3Yzc2IiwiZXhwIjoxNTY4MTA3MjY4LCJzaGFyZF9pZCI6MzAyMzQ1NDg4fQ.yJuANPBc1uzCw9tW6CoLqiijBgh6zF00KdsnqaJtugg

   If captcha is not solved yet server will return CAPCHA_NOT_READY result.
   Repeat
   your request in 5 seconds.

   If something went wrong server will return an error
   code.

5. Place the token into h-captcha-response and g-recaptcha-response
   hidden elements and submit the form.
   Please note, hcaptcha also has a callback. If there is no form to submit you MUST
   explore the website code and find the callback.

List of GET/POST request parameters for http://ocr.captchaai.com/in.php

List of GET request parameters for http://ocr.captchaai.com/res.php

Request URL example:

http://ocr.captchaai.com/res.php?key=1abc234de56fab7c89012d34e56fa7b8&action=get&id=2122988149

Language support

Our API allows you to set the language of captcha with lang parameter.

The list of supported languages is available in the table below.

Google reCAPTCHA is a popular service for protecting website forms against spam and bots. The reCAPTCHA asks users to solve simple puzzles that are easy for humans but hard for bots. Your form should not proceed until the reCAPTCHA challenge is resolved. Ultimately it saves the server space from inserting unnecessary spam records into the database. It also saves us time as we never get spam comments in our mailbox. So no more cleaning up of the email inbox.

To add a Google reCAPTCHA in website forms, it needs to write a piece of code to validate the response of reCAPTCHA. If a response is valid then only the form should proceed.

There are 2 ways to validate the response – one is server-side and the other is client-side. In this article, we focus on client-side validation and thus we study how to validate Google reCAPTCHA using JavaScript.
If you are looking for server-side validation, please refer to the article Using Google reCAPTCHA On Your Website Forms With PHP.

Register the Site and Get API Keys

To get started, you need to register your site with Google reCAPTCHA – https://www.google.com/recaptcha/admin.

Choose the option ‘reCAPTCHA v2’ which gives an “I’m not a robot” Checkbox. If you want to test this tutorial on a local server then add ‘localhost’ as a domain.

Once you enter details in the above form you will get your Site key and Secret key. As we are dealing with the client-side validation, we only need a Site Key.

Validate Google reCAPTCHA using JavaScript

Next, you need to add Google reCAPTCHA to your form. You can do it using the code below.

<form method="post" onsubmit="return submitUserForm();">
    <div class="g-recaptcha" data-sitekey="YOUR_SITE_KEY" data-callback="verifyCaptcha"></div>
    <div id="g-recaptcha-error"></div>
    <input type="submit" name="submit" value="Submit" />
</form>
<script src='https://www.google.com/recaptcha/api.js'></script>

Replace the placeholder ‘YOUR_SITE_KEY’ with your actual site key.

In the above code, I am using the onsubmit JavaScript event. This is because when a user hits a submit button, we need to check first reCAPTCHA response and then actually submit a form.

I also added a ‘verifyCaptcha’ as a callback function using the ‘data-callback’ attribute. This callback method is executed when the user submits a successful response. The g-recaptcha-response token is passed to your callback. 

I used a div with an id ‘g-recaptcha-error’ to display the error message. It will populate if users try to submit a form without solving the reCAPTCHA challenge. Upon receiving a successful response, I will remove the error message from the callback function. 

Finally, let’s write a JavaScript code that handles the reCAPTCHA response. And based on the response it shows either an error message or allows the form to proceed.

<script>
var recaptcha_response = '';
function submitUserForm() {
    if(recaptcha_response.length == 0) {
        document.getElementById('g-recaptcha-error').innerHTML = '<span style="color:red;">This field is required.</span>';
        return false;
    }
    return true;
}

function verifyCaptcha(token) {
    recaptcha_response = token;
    document.getElementById('g-recaptcha-error').innerHTML = '';
}
</script>

The verifyCaptcha method receives a token after users solve the puzzles of reCAPTCHA. We are assigning this response to the <code>recaptcha_response</code> variable.

In the method <code>submitUserForm</code>, I check if the response is empty. It returns ‘false’ for an empty response. It means a user has not yet validated reCAPTCHA. And so, it appends an error to the div having the id ‘g-recaptcha-error’.

When Google reCAPTCHA sends a valid response I am returning a true value, which submits the form for further processing.

Our final code is:

<form method="post" onsubmit="return submitUserForm();">
    <div class="g-recaptcha" data-sitekey="YOUR_SITE_KEY" data-callback="verifyCaptcha"></div>
    <div id="g-recaptcha-error"></div>
    <input type="submit" name="submit" value="Submit" />
</form>
<script src='https://www.google.com/recaptcha/api.js'></script>
<script>
var recaptcha_response = '';
function submitUserForm() {
    if(recaptcha_response.length == 0) {
        document.getElementById('g-recaptcha-error').innerHTML = '<span style="color:red;">This field is required.</span>';
        return false;
    }
    return true;
}

function verifyCaptcha(token) {
    recaptcha_response = token;
    document.getElementById('g-recaptcha-error').innerHTML = '';
}
</script>

I hope you understand how to Validate Google reCAPTCHA using JavaScript. Give it a try and share your thoughts or suggestions in the comment section below.

Related Articles

• Integrate Google Invisible reCAPTCHA with PHP
• A Guide on Adding Google reCAPTCHA v3 to your Laravel Website
• How to Add I’m not a robot captcha in Laravel Forms

If you liked this article, then please subscribe to our YouTube Channel for video tutorials.

Google reCAPTCHA – популярный выбор для защиты форм веб-сайтов от спама и ботов. ReCAPTCHA предлагает пользователям решать простые головоломки, которые легки для людей, но трудны для ботов. В результате можно сэкономить место на сервере от вставки ненужных записей спама в базу данных. Это также экономит наше время, поскольку мы никогда не получаем спам-комментарии в почтовый ящик.

Когда мы добавляем Google reCAPTCHA в формы веб-сайтов, нам нужно написать фрагмент кода для проверки ответа reCAPTCHA. Если ответ действителен, то должна продолжаться только наша форма.

Есть два способа проверить ответ: один на стороне сервера, а другой – на стороне клиента. В этой статье мы сосредоточимся на проверке на стороне клиента и изучаем, как проверять Google reCAPTCHA с помощью JavaScript.

Если вам нужна проверка на стороне сервера, обратитесь к статье Использование Google reCAPTCHA в формах вашего веб-сайта с помощью PHP.

Зарегистрируйте сайт и получите ключи API

Для начала вам необходимо зарегистрировать свой сайт здесь – https://www.google.com/recaptcha/admin.

Выберите вариант «reCAPTCHA v2», который устанавливает флажок «Я не робот».

После того, как вы введете данные в форму выше, вы получите ключ сайта и секретный ключ. Поскольку мы имеем дело с проверкой на стороне клиента, нам нужен только ключ сайта.

Если вы хотите протестировать его на локальном сервере, добавьте localhost в качестве домена.

Проверить Google reCAPTCHA с помощью JavaScript

Во-первых, вам нужно добавить Google reCAPTCHA в вашу форму. Вы можете сделать это, используя приведенный ниже код.

<form method="post" onsubmit="return submitUserForm();">
    <div class="g-recaptcha" data-sitekey="YOUR_SITE_KEY" data-callback="verifyCaptcha"></div>
    <div id="g-recaptcha-error"></div>
    <input type="submit" name="submit" value="Submit" />
</form>
<script src='https://www.google.com/recaptcha/api.js'></script>

В приведенном выше коде я использую onsubmitсобытие. Это связано с тем, что, когда пользователь отправляет форму, нам нужно проверить ответ reCAPTCHA, а затем разрешить ему отправить форму.

Затем я добавил «verifyCaptcha» в качестве имени функции обратного вызова к атрибуту «data-callback». Я буду использовать этот метод обратного вызова, чтобы удалить сообщение об ошибке после прохождения проверки. Я также добавил div с идентификатором g-recaptcha-error для отображения сообщения об ошибке.

Замените заполнитель “YOUR_SITE_KEY” фактическим ключом сайта.

Наконец, давайте напишем код JavaScript, который обрабатывает ответ reCAPTCHA. И в зависимости от ответа он показывает либо сообщение об ошибке, либо позволяет форме продолжить работу.

<script>
function submitUserForm() {
    var response = grecaptcha.getResponse();
    if(response.length == 0) {
        document.getElementById('g-recaptcha-error').innerHTML = '<span style="color:red;">This field is required.</span>';
        return false;
    }
    return true;
}
 
function verifyCaptcha() {
    document.getElementById('g-recaptcha-error').innerHTML = '';
}
</script>

В методе submitUserFormмы получаем ответ reCAPTCHA, используя grecaptcha.getResponse(). Это встроенная функция, предоставляемая сервисом Google reCAPTCHA.

Если ответ недействителен, он возвращает 0. Это означает, что пользователь еще не проверил reCAPTCHA. Итак, он выдает ошибку и добавляется к div с идентификатором g-recaptcha-error.

Когда Google reCAPTCHA отправляет действительный ответ, я возвращаю истинное значение, которое позволяет форме продолжить работу.

verifyCaptchaМетод получает вызов, когда вы решить все головоломки рекапчи. Затем мы удаляем сообщение об ошибке, как только загадка будет решена.

Наш последний код:

<form method="post" onsubmit="return submitUserForm();">
    <div class="g-recaptcha" data-sitekey="YOUR_SITE_KEY" data-callback="verifyCaptcha"></div>
    <div id="g-recaptcha-error"></div>
    <input type="submit" name="submit" value="Submit" />
</form>
<script src='https://www.google.com/recaptcha/api.js'></script>
<script>
function submitUserForm() {
    var response = grecaptcha.getResponse();
    if(response.length == 0) {
        document.getElementById('g-recaptcha-error').innerHTML = '<span style="color:red;">This field is required.</span>';
        return false;
    }
    return true;
}
 
function verifyCaptcha() {
    document.getElementById('g-recaptcha-error').innerHTML = '';
}
</script>

Надеюсь, вы понимаете, как проверить Google reCAPTCHA с помощью JavaScript. Попробуйте это в своем проекте и поделитесь своими мыслями или предложениями в разделе комментариев ниже.

Статьи по Теме

• Интегрируйте Google Invisible reCAPTCHA с PHP
• Руководство по добавлению Google reCAPTCHA v3 на ваш сайт Laravel
• Как добавить капчу “Я не робот” в формах Laravel

reCAPTCHA by Google is a free service that protects your website from spam and abuse. It’s designed to be friendly to humans, much more friendly than image-based CAPTCHA. It uses advanced risk analysis techniques to tell humans and bots apart to protect your website from spam.

The invisible reCAPTCHA badge does not require the user to click on a checkbox. Instead, it is invoked directly when the user clicks on an existing button on your site or can be invoked via a JavaScript API call. The integration requires a JavaScript callback when reCAPTCHA verification is complete. By default, only the most suspicious traffic will be prompted to solve a captcha. 

Get started

To get started with reCAPTCHA you must first have a Google account.  Once you are logged into Google go to https://www.google.com/recaptcha/admin to register your new website.  The usage of reCAPTCHA is limited to the domains that you register. It’s recommended that if you have multiple domains that you register each one separately.

1. Label — Give a meaningful, but short name that describes your site.
2. reCAPTCHA type — Choose «reCAPTCHA v2» and then choose «Invisible reCAPTCHA badge».
3. Domains — Enter the domain or domains that you plan to use reCAPTCHA on.
4. Owners — this should be your Google account email
5. Accept the reCAPTCHA Terms of service
6. Check off the «Send alerts to owners»
7. Click the «Submit» button.

See the Settings documentation on the Google site for more information.  

Get the API keys

Once you’ve registered your site you then need to get the API credentials. reCAPTCHA gives you a «Site Key» and «Secret Key»

You will need to copy those to the Google reCAPTCHA V2 Invisible configuration page in BranchCMS.

Integrate into BranchCMS

1. In BranchCMS click on the «Site Settings» link at the upper right of the administration and then click on «Spam Protection».
2. Then click on «Configure reCAPTCHA V2 (Invisible reCAPTCHA badge)».
3. Copy the «Site key» value from the Google reCAPTCHA page and paste it into the «Site Key» field.
4. Copy the «Secret key» value from the Google reCAPTCHA page and past it into the «Secret Key» field. 

Make sure that if either of those values ends in punctuation that you get the punctuation too. 

Customize the display

When you’re setting up the reCAPTCHA integration you can also configure the display options. These values will be the default display choices for all places that reCAPTCHA is used throughout the site. You can, however, override them with each form that uses reCAPTCHA. 

Integrate with your form

Now that reCAPTCHA is setup for your site you can use it on your forms. By default CAPTCHA is disabled on all forms. To enable it edit the form and go to the CAPTCHA tab. 

Choose «Google reCAPTCHA V2 Invisible» for the «CAPTCHA Type» field. That will show you the status of the reCAPTCHA integration. 

Output the CAPTCHA in the template

There are three ways to invoke the invisible reCAPTCHA in your templates. It’s a bit more involved than simply using the {{ form.captcha.tag }} variable.

• Automatically bind the challenge to a button
• Programatically bind the challenge to a button
• Programatically invoke the challenge

Testing for CAPTCHA type

You may want to use some logic to display the reCAPTCHA in your templates if there is a chance that a different type of CAPTCHA could be chosen.

The reCAPTCHA V2 Invisible CAPTCHA type is designated by the «recaptchaV2Invisible» value for the form.captcha.type variable.

{% if form.captcha.type == 'recaptchaV2Invisible' %}
   {# Display the Google reCAPTCHA V2 Invisible here #}
{% endif %}

Setting the reCAPTCHA data attributes

There are a few ways that you can set the data attributes such as the data-callback or data-expired-callback attributes. If you set them then they are set on the <div> tag for the programatically invoke the challenge option and the <button> tag that can be used for either of the button options.

Below are examples of the three ways that the data attribute could be set.

{% set form.captcha.data.callback = 'onSubmit' %}
{% do form.captcha.data.set('expired-callback', 'expiredCallback') %}
{% do form.captcha.set('data-error-callback', 'errorCallback') %}

Automatically bind the challenge to a button

The easiest method for using the invisible reCAPTCHA widget on your page is to include the <script> tag to load the Google Javascript file and to add a few attributes to your HTML button.

The required attributes are a class name of g-recaptcha, your site key in the data-sitekey attribute, and the name of the Javascript callback function to handle completion of the CAPTCHA in the data-callback attribute.

{% set form.class = 'myForm' %}
{{ form.openTag }}
   {# Display fields #}
   {% for field in form.fields %}
     <p>{{ field.label.tag }}<br>{{ field.tag }}</p>
   {% endfor %}

   {# Set the callback function #}
   {% set form.captcha.data.callback = 'onSubmit' %}
   <p><button class="{{ form.captcha.class }}" {{ form.captcha.button.dataAttr }}>Submit</button></p>
   <script>
   function onSubmit() {
     document.querySelector('.myForm').submit();
   }
   </script>
   {{ form.captcha.js.tag }}
{{ form.closeTag }}

Programatically bind the challenge to a button

Deferring the binding can be achieved by specifying your onload callback function and adding parameters to the JavaScript resource.

{% set form.class = 'myForm' %}
{{ form.openTag }}
   {# Display fields #}
   {% for field in form.fields %}
     <p>{{ field.label.tag }}<br>{{ field.tag }}</p>
   {% endfor %}

   <p><button>Submit</button></p>
   <script>
   function onSubmit() {
     document.querySelector('.myForm').submit();
   }
   function onloadCallback() {
         grecaptcha.render(document.querySelector(".myCustomCaptcha"), {
            'sitekey': '{{ form.captcha.data.sitekey }}',
            'callback': onSubmit
         });
    }
   </script>
   {% set form.captcha.js.src = form.captcha.js.src ~ '?onload=onloadCallback&render=explicit' %}
   {{ form.captcha.js.tag }}
{{ form.closeTag }}

Programmatically invoke the challenge

Invoking the reCAPTCHA verification programmatically can be achieved by rendering the challenge in a div with an attribute data-size=’invisible’ and programmatically calling execute.

The {{ form.captcha.tag }} holds the HTML for the <div> tag.

This option requires that grecaptcha.execute() is called in order to validate the CAPTCHA. If that’s not called then the form cannot be processed as the required reCAPTCHA value would not be submitted.

Typically the grecaptcha.execute() function is called after the form is validated with Javascript.

{% set form.class = 'myForm' %}
{{ form.openTag }}
   {# Display fields #}
   {% for field in form.fields %}
     <p>{{ field.label.tag }}<br>{{ field.tag }}</p>
   {% endfor %}

   {# Set the callback function #}
   {% set form.captcha.data.callback = 'recaptchaCallback' %}
   {% set form.captcha.button.class = form.captcha.button.class ~ ' myCustomCaptcha' %}
   <p>{{ form.captcha.button.tag }}</p>
   <script>
   function recaptchaCallback() {
     document.querySelector('.myForm').submit();
   }
   function onloadCallback() {
      grecaptcha.render(document.querySelector(".myCustomCaptcha"));
   }
   function validate(event) {
      event.preventDefault();
      if (!document.getElementById('field').value) {
        alert("You must add text to the required field");
      } else {
        grecaptcha.execute();
      }
   }
   </script>
   {% set form.captcha.js.src = form.captcha.js.src ~ '?onload=onloadCallback' %}
   {{ form.captcha.js.tag }}
{{ form.closeTag }}