reCaptcha verification stopped working today

413 views
Skip to first unread message

adam.a...@sdcsoftware.com

unread,
Feb 24, 2016, 6:34:33 PM2/24/16
to reCAPTCHA
I manage a site that uses recaptcha for registration. As of 2:30 PM PST today the server-side verification of the client's recaptcha response has been failing.

I didn't personally develop this code and I am not sure the name(s) of the features being used.

The client is shown a captcha in which the check a box "I am not a robot" and sometimes they have to additionally check off some pictures of food or something. This is all working fine.

When the client completes registration they post to my server a very long data string "recaptchaResponse" along with their registration data.

My server sends a POST to https://www.google.com/recaptcha/api/siteverify with this data: 
{
 response: ["03AHJ_Vut3ujeKsjT919rAiYynzpFYE2RIUh0j69vjMfMvmiq397MAT7OxTzgAXJQALWrbUXz....etc"],
 secret: ["a_shorter_string_our_secret_code"]
}

The google server has always previously replied with data like this:
{
 success: true,
 error-codes: []
}
Or sometimes success: false with some errors or etc.


As of 2:30 PM today, google started replying with data like this:
{
  "success": true,
  "challenge_ts": "2016-02-24T23:25:40Z",
  "hostname": "my_servers_hostname"
}

My server is failing to parse this unexpected response into the object it is expecting... users are unable to register.

Is this a known issue? Should I redeploy my server to handle this new data format? Or is this some mistake that will be switched back?

adam.a...@sdcsoftware.com

unread,
Feb 24, 2016, 7:06:29 PM2/24/16
to reCAPTCHA
I redeployed my server to handle the additional fields. I made them optional in case the data format is switched back.

OpenTopography Facility

unread,
Feb 25, 2016, 4:57:21 PM2/25/16
to reCAPTCHA
I have same problem.
Starting yesterday (Feb 24, 2016) it stopped working and now it always returns false:

{
  "success": false,
  "challenge_ts": "2016-02-24T23:25:40Z",
  "hostname": "ot-beta.sdsc.edu"

Google can you fix this as soon as possible?



Fred

unread,
Feb 29, 2016, 6:32:45 PM2/29/16
to reCAPTCHA
The documentation says

https://developers.google.com/recaptcha/docs/verify

The response is a JSON object:

{
  "success": true|false,
  "challenge_ts": timestamp,  // timestamp of the challenge load (ISO format yyyy-MM-dd'T'HH:mm:ssZZ)
  "hostname": string,         // the hostname of the site where the reCAPTCHA was solved
  "error-codes": [...]        // optional
}

That page
Last updated February 23, 2016.
    

Something has been changed recently.

Reply all
Reply to author
Forward
0 new messages