Post
Ask Question
Shami Sheikh

Shami Sheikh

  • 1.5k
  • 124
  • 10.9k

How To Increase Recaptcha Security

Aug 2 2018 5:38 AM
Hi
 
I am using google recaptcha v2 in my application I'd integrate it in client side.
 
Here is my code.
  1. <script>  
  2. var onloadCallback = function () {  
  3. grecaptcha.render('recaptcha', {  
  4. 'sitekey''6Lc_qmcUAAAAAJW_kALWjJEwhHGiNWszGXdiBOo5',  
  5. 'callback': reCaptchaCallback,  
  6. });  
  7. };  
  8. var reCaptchaCallback = function (response) {  
  9. if (response !== '') {  
  10. console.log(response);  
  11. }  
  12. };  
  13. function getReCaptchaRes() {  
  14. var message = 'Please check the checkbox';  
  15. if (typeof (grecaptcha) != 'undefined') {  
  16. var response = grecaptcha.getResponse();  
  17. (response.length === 0) ? (message = 'Captcha verification failed') : (message = '');  
  18. }  
  19. $('#reCaptchaLblMsg').html(message).css('color'"red");  
  20. return !(response.length === 0)  
  21. }  
  22. submitHandler: function (form) {  
  23. // call the google recaptcha validation  
  24. if (getReCaptchaRes()) {  
  25. $('.spinner-holder').css('display''block');  
  26. $("#myAjaxRegisterModal2 input[type='submit']").val("Saving ...").attr('disabled''disabled');  
  27. var __RequestVerificationToken = $('[name="__RequestVerificationToken"]').val();  
  28. var RegisterData = {  
  29. __RequestVerificationToken: __RequestVerificationToken,  
  30. ProfileCreatedFor: $('#ddlProfileCreatedFor').val(),  
  31. GroomBrideName: $('#txtName').val(),  
  32. Mobile: $('#txtMobile').val(),  
  33. EmailID: $('#txtEmail').val(),  
  34. Height: $('#ddlHeight').val(),  
  35. Gender: $("input[name='Gender']:checked").val(),  
  36. MaritalStatus: $('#ddlMaritalStatus').val(),  
  37. DOBMonth: $('#ddlMonth').val(),  
  38. DOBDate: $('#ddlDate').val(),  
  39. DOBYear: $('#ddlYear').val(),  
  40. State: $('#ddlUserState').val(),  
  41. City: $('#ddlCity').val(),  
  42. Section: $('#ddlUserSection').val(),  
  43. DivisonText: $('#DivisonText').val(),  
  44. Password: $('#ConfirmPassword').val()  
  45. }  
  46. //form.submit();  
  47. $.ajax({  
  48. url: "/Home/RegisterNewMemberByJson",  
  49. type: "POST",  
  50. data: RegisterData,  
  51. dataType: 'json',  
  52. success: function (data) {  
  53. if (data == "Error") {  
  54. window.location.href = "/Home/Index";  
  55. }  
  56. else if (data == true) {  
  57. $('#myAjaxRegisterModal2').modal('hide');  
  58. RegisterPopUp();  
  59. }  
  60. else {  
  61. $('.spinner-holder').hide();  
  62. $("#myAjaxRegisterModal2 input[type='submit']").val("Save").removeAttr("disabled");  
  63. $('#ageErrorMsg').text(data);  
  64. }  
  65. }  
  66. });  
  67. }  
  68. }  
  69. </script>  
But my concern is if I will change response from browser console then I can hit the ajax method multiple times using a loop. So how can I prevent it to hit my ajax method into loop Or there is something wrong with my captcha integration.
 
My another concern is is it possible to check the captcha response on the client side as well as on the server side. if possible then how

Answers (2)