Recaptcha Validate 的 JavaScript、JQuery 或 AJAX 版本

Question

我正在尝试使用一些 js 代码验证 recaptcha，但获得了一些权限错误“访问被拒绝” 是否可以在多个浏览器中使用 javascript 验证代码和 ajax 来实现验证。

<script type="text/javascript">


    $(document).ready(function() {

        Recaptcha.create("var_public_key", recaptchadiv, {
            theme: "clean",
            callback: Recaptcha.focus_response_field
        });
    });


function submitFormData() {

var urlString = "http://www.google.com/recaptcha/api/verify";
var params = encodeURI("remoteip=" + $("#userIp").val() +"&privatekey=" + var_private_key + "&challenge=" + Recaptcha.get_challenge() + "&response=" +
Recaptcha.get_response());
        params = encodeURI(params);
        var status = document.getElementById("status");
        status.className = "";
        status.innerHTML = "<b>Submitting your data. Please wait...</b>";
        var html = $.ajax({
            type: "POST",
            url: urlString + "?" + params,
            async: false
        }).responseText;

        alert("ResponseText: " + html + ", Recaptcha.responseText: " + Recaptcha.responseText);

        var result = html.split("\n")[0];

        if (result == "true") {
            status.innerHTML = " ";
            return true;
        }
        else {
            status.className = "GlobalErrorText";
            status.innerHTML = "Your captcha is incorrect. Please try again";
            Recaptcha.reload();
            return false;
        }
    }
</script>

Answer 1

@Boug 是对的，这就是所谓的跨站 ajax 请求，你可以看看这个问题，看看你是否能找到解决方案Cross-site AJAX requests 但是......

我认为将您的recaptcha 的私钥放在javascript 中是一个漏洞，recaptcha 应该在服务器端代码上进行验证，这个问题包含有关如何在Asp.Net MVC How to implement reCaptcha for ASP.NET MVC? 中实现recaptcha 的有用链接我使用了这种方法并且它完美运行http://www.dotnetcurry.com/ShowArticle.aspx?ID=611&AspxAutoDetectCookieSupport=1

Answer 2

您收到权限错误，因为您的 ajax 代码试图访问与您的脚本不同的站点 (google) 上的脚本。据我所知，出于安全原因，我认为您不能进行跨站点 Ajax 调用

Answer 3

问题已经回答了。但是，这里有一些可以在 ASP.NET WebForms 中工作的附加代码，它使您能够使用 reCaptcha 控件向页面发出本地 AJAX 请求，然后进行服务器端验证码验证。页面的 web 方法将返回 true/false。

我从mindfire solutions 获得了这段代码，但是在 Ajax 成功回调中添加了 JS 函数的执行 b/c Ajax 正在进行异步回调。

Javascript：

<script type="text/javascript">
$(function(e) {
    $("#submit").click(function() { // my button is type=button, not type=submit
        // I'm using jQuery validation and want to make sure page is valid before making Ajax request
        if ( $("#aspnetForm").valid() ) {
            validateCaptcha();  // or validateCaptchaJson() if you want to use Json
        }   // end  If ($("#aspnetForm").valid())
    }); // end $("#submit").click()
}); // end $(function(e)


function validateCaptcha() {
    // Individual string variables storing captcha values
    var challengeField = $("input#recaptcha_challenge_field").val();
    var responseField = $("input#recaptcha_response_field").val();

    // Ajax post to page web method that will do server-side captcha validation
    $.ajax({
        type: "POST",
        url: "page.aspx/ValidateCaptcha",
        data: "recaptcha_challenge_field=" + challengeField + "&amp;recaptcha_response_field=" + responseField,
        async: false
        success: function(msg) {
            if(msg.d) { // Either true or false, true indicates CAPTCHA is validated successfully.
                // this could hide your captcha widget
                $("#recaptcha_widget_div").html(" ");
                // execute some JS function upon successful captcha validation
                goodCaptcha();
            } else {
                // execute some JS function upon failed captcha validation (like throwing up a modal indicating failed attempt)
                badCaptcha();
                // don't forget to reload/reset the captcha to try again
                Recaptcha.reload();
            }
            return false;
        }
    });
}

function validateCaptchaJson() {
    // JavaScript object storing captcha values
    var captchaInfo = {
        challengeValue: Recaptcha.get_challenge(),
        responseValue: Recaptcha.get_response()
    };

    // Ajax post to page web method that will do server-side captcha validation
    $.ajax({
        type: "POST",
        url: "page.aspx/ValidateCaptcha",
        data: JSON.stringify(captchaInfo),  // requires ref to JSON (http://www.JSON.org/json2.js)
        contentType: 'application/json; charset=utf-8',
        dataType: 'json',
        success: function(msg) {
            if(msg.d) { // Either true or false, true indicates CAPTCHA is validated successfully.
                // this could hide your captcha widget
                $("#recaptcha_widget_div").html(" ");
                // execute some JS function upon successful captcha validation
                goodCaptcha();
            } else {
                // execute some JS function upon failed captcha validation (like throwing up a modal indicating failed attempt)
                badCaptcha();
                // don't forget to reload/reset the captcha to try again
                Recaptcha.reload();
            }
            return false;
        }
    });
}
</script>

页面的 Web 方法 (VB.NET)：

<WebMethod()> _
Public Shared Function ValidateCaptcha(ByVal challengeValue As String, ByVal responseValue As String) As Boolean
    ' IDEA: Get Private key of the CAPTCHA from Web.config file.
    Dim captchaValidtor As New Recaptcha.RecaptchaValidator() With { _
     .PrivateKey = "your_private_key_goes_here", _
     .RemoteIP = HttpContext.Current.Request.UserHostAddress, _
     .Challenge = challengeValue, _
     .Response = responseValue _
    }

    ' Send data about captcha validation to reCAPTCHA site.
    Dim recaptchaResponse As Recaptcha.RecaptchaResponse = captchaValidtor.Validate()
    ' Get boolean value about Captcha success / failure.
    Return recaptchaResponse.IsValid
End Function