Jump to content

hCaptcha integration not working as expected


derpunker
Go to solution Solved by derpunker,

Recommended Posts

Dear IPS support,

we are currently facing the issue that the registration of new users doesn't work in every case.
It was hard to find out what's the background, but the root cause is the behavior of hCaptcha.

Repro steps:

  • Open the registration form => hCaptcha is visible
  • Make some invalid input or leave all fields empty and press the "Create my Account" button
  • Form is reload but hCaptcha is missing => problem, no registration possible

 

The video shows the issue.

 

Please have a look and fix this issue with your next maintenance release.

The issue is really a hurdle for some users.

 

Thanks and best regards.

 

 

Link to comment
Share on other sites

Would suggest ensuring you're on the latest release with all third party add-ons disabled and using an unmodified theme. As when I do what you just did in your video, I get redirected to the registration page. E.g. it is no longer open in a popup modal like in your screencast. Therefore, you're either running something which is causing this.

Then each time I submit the registration form, hCAPTCHA loads without issue.

Link to comment
Share on other sites

Dear @Jim M

Thanks for your suggestions. I did all your recommended steps, but the situation doesn't change.

  • Latest IPS version is installed (patch included)
  • No IPS files are changed
  • All plugins are disabled, only "System" and "Forums" are enabled
  • IPS default theme (unchanged) set as default

2024-02-24 16-02-16.mkv

 

The redirection to the registration page doesn't happen in my case.

As soon as the registration form is not hosted in a popup, the hCaptcha is working as expected. This I can confirm.


 

Link to comment
Share on other sites

We would need to look further into this for you, however the access details on file appear to be incorrect or missing. Could you please update these details by visiting your client area, selecting the relevant purchase, then clicking "Review/Update Access Information" under the "Stored Access Information" section. 

We look forward to further assisting you. 

 

Link to comment
Share on other sites

@Jim M

Access information are updated.

Access to AdminCP should be possible now.
FTP access is still not possible, because the FTP account is disabled and I can't access the server managment console at the moment.

The FTP account will be enabled as soon as I have reached the server admin.

For having a first look, I hope AdminCP access is enough.

Link to comment
Share on other sites

1 minute ago, derpunker said:

Ah, I guess I know what has happened.

Looks like you are using die LIVE system (forum.****)
The account is only enabled in the test system.
Please have a look on the AdminCP URL.

I'm afraid, support would only be provided on Live URLs. Test URLs are only applicable for your testing/development purposes but would not be supported.

Link to comment
Share on other sites

6 minutes ago, derpunker said:

The test system is a 1:1 copy from the live system.

I can't disable the 3rd party plugins in the live system.

Please have a look.

As mentioned, support would only be provided on live URLs.

Link to comment
Share on other sites

8 minutes ago, derpunker said:

If you are not willing the have look into my test system, activate the quick registration in your system and have a look.

 

Could contain: Page, Text, City

 

You will see the effect.

 

This is indeed what I have set on my installation which I mentioned above so we would need to see this on your live site to provide support.

Link to comment
Share on other sites

4 minutes ago, Jim M said:

This is indeed what I have set on my installation which I mentioned above so we would need to see this on your live site to provide support.

Please tell my why this investigation can't be done in a 1:1 copy?!

Investigations and analyzes in a live system is a no go for me!
You should be happy that the problem can be reproduced in a test system and does not pose a risk to the live system.

As I already mentioned above disabling the plugins is not possible, because the website is live and won't work for my customers!

----

Use my other subscription, it's the same there.
This URL is the live URL you insist on.
Access Information just update in the client area.

 

 

Link to comment
Share on other sites

10 minutes ago, derpunker said:

Use my other subscription, it's the same there.
This URL is the live URL you insist on.
Access Information just update in the client area.

Thank you. Please ensure that this instance has all patches applied and is available externally as I am getting various 401 errors in the Javascript console. It may be getting blocked by the .htpasswd.

Link to comment
Share on other sites

The whole website is under .htaccess.
The credentials are the same as for the AdminCP, which are available in the client area.

There is only one 401 error and this is the manifest, which doesn't harm.

I just installed the latest patch.

Link to comment
Share on other sites

To get further here:

  • only hCaptcha is affected by problem
  • the "google" captchas are working fine

 

Looking into the IPS code make the probleme clear. The problem is how hCaptcha works and how it's integrated.

This IPS code part loads the js file from hcaptcha.com and this javascript code responsible for showing the hCaptcha.
The IPS hCaptcha template is simple and no data-controller is involved.

Could contain: Page, Text

The external javascript code is doing some magic stuff, among other things, it is searches for an element with the class "h-captcha" and adds the iframe for the hCaptcha.

 

Summary:

As long as the registration form is hosted in the popup, no browser will load the external javascript file again and the captcha is not created.
For the browser, the js-file is already available and no need to load it again.

 

The registration form as a page (no popup) reloads everything, including the hcaptcha.com script. That's why it works there.

Link to comment
Share on other sites

The hCaptcha script sets a global variable.

window.hcaptcha

As long as this global variable set, the hCaptcha doesn't load/render.

Resetting the variable (window.hcaptcha = undefined) let the hCaptcha load again.

Calling explizit "window.hcaptcha.render" brings it back too.

Please refer to the video:

2024-02-24 21-46-53.mkv

 

Now it's your turn.

Resetting the global variable should be the easierst solution.

 

 

 

Link to comment
Share on other sites

I am sorry you feel that we were being uncooperative. I'm afraid, we have standards of support which help us help all our clients in an efficient manner. The standards of support policies were agreed to at time of purchase. When we reach a unique environment encountering something which we can't reproduce in a normal environment, we need to undo that uniqueness as that may be the root cause. I'm afraid, you're still encountering something which I cannot encounter in a default environment of Invision Community. However, I will report this internally to see if this is something we can reproduce.

Link to comment
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...