Hi reCAPTCHA users,
In April, we will begin to turn down the legacy URL for reCAPTCHA's
HTTPS API. If your site uses reCAPTCHA over SSL, you will need to
make a minor code change before April 11.
If your site does not load the reCAPTCHA challenge API over SSL, you
do not need to make any changes. You can tell if you’re using SSL by
looking at the source of your page(s) which contain reCAPTCHA and
seeing whether you use "https://api-secure.recaptcha.net" anywhere.
The transition involves a very simple change to your code. Any time
between now and April 11, you need to replace all instances of:
If you don’t make the change before April 11, your users might see SSL
certificate warnings when visiting your site. (However, the CAPTCHA
should still load normally, unless the user has restrictive security
Most commonly, this shows up as a call to the reCAPTCHA challenge API
on the page that contains reCAPTCHA, such as:
This call needs to change to something like this:
... everything after the /challenge can remain exactly as it was.
Another thing to look for is if you're including the reCAPTCHA
Would need to change to:
We're sorry for the inconvenience; please let us know if you have any
questions or concerns about making this change. We will be contacting
SSL-using site owners individually to let them know about this change;
however we wanted to post in the public forum as well, since we may
not have up-to-date contact information for all sites.
Colin & the rest of the reCAPTCHA team