The new Recaptcha v2: buggy (Session expired, Invalid Reload Parameters) and incomplete

[Wyk Parish]

Bug:

    After reCaptcha v2 is completed, its session times out (too soon) and on re-click produces popup error: Invalid Reload Parameters. Then just animate and do nothing on the next clicks. See group post  here and here for more info.

Unfinished: 

     No reload command available. And there should be an event triggered for the session expiry. Session expiry time should be settable as well. Also, needs to be responsive and allow more customization. This is the mobile era.

Please fix and finish up this otherwise excellent contribution to the web world.

[Arunvel Sriram]

You can reload the no CAPTCHA reCAPTCHA through JavaScript by calling reset() function of the global grecaptcha object.

grecaptcha.reset();

[Wyk Parish]

Thanks for the suggestion. How are you supposed to know when to call this since Google seems to send no event upon expiry (unless I'm missing something).  Would I just do the reset every 2 minutes regardless just to be safe?  Feels like a hack.

[Arunvel Sriram]

You don't have to reset it every two minutes. When session expires just the user has to perform the verification again and its not necessary to reset the captcha.

One scenario where you will want to reset the captcha is when you submit a form through AJAX. The sequence of steps which occurs is given below:

1. Fill the form and captcha

2. Click submit button

3. AJAX request  will be sent

4. Receive success / failure response

5. Now reset the form and reset the captcha

[Wyk Parish]

Arunvel, please re-read the original post. The recaptcha is broken after its session times out (2 minutes). Running the reset command does resurrect it but this is a hack. Basically, I will have to issue the 'reset' command myself before the two minute expiry and generate my own "alert" message it seems until this bug is fixed.  Thanks for pointing out the reset function though.

[Meruem]

The issue I am having is (im using version 2.0 api), 

* I'm using angular to http POST

* I have to use the recaptcha data-callback to get the g-recaptcha-response in the $scope; because the form isnt being submitted in the traditional sense. I'm using the $http service in angular

1) User previews the form and the first thing they do is hit the reCAPTCHA and verify

2) g-recaptcha-response is stored in a hidden field bound to ng-model

3) User starts to fill out the form

4) The reCAPTCHA session expires while the user is filling out the form, and they click submit without revaliding the captcha. My validation logic thinks they did fill out the captcha because the previous g-recaptcha-response is still in my $scope. So I am not able to properly express to the user on the screen that the captcha needs to be done again.

There is no call back for session expiring so I can't clear the g-recaptcha-response in the $scope 

I cant think of any non-clunky ways of handling this. other than sending a old g-recaptcha-response to the google api call and getting back a non-passing json response

[Meruem]

Yeah I am getting this too. .net 4.5.2, MVC, WebAPI, Angular, reCaptcha 2.0. I complete the captcha, then try wait 2 minutes to get the expired message on the reCaptcha. try and click the box and a dialog box pops up in chrome saying invalid reload parameters

[Julian Mallett]

I had this problem too and I think I've worked out how to recreate it.

• Make a form with a reCAPTCHA.
  
• Complete the CAPTCHA and submit.
   - Make sure your PHP / backend script processes the CAPTCHA data, POSTs it to Google and gets a success response. This is important, it seems.
   - Have your form throw an error message so you remain on the page with the CAPTCHA.
  
• Wait for the reCAPTCHA session to expire.
• Click on the reCAPTCHA tickbox. It will attempt to reload before throwing an `invalid reload parameters` error.
• Now I don't think you can do anything with the CAPTCHA until you reset it or reload the page.

My 'fix' is to reload the reCAPTCHA whenever my form throws an error message.

[Grady Coker]

I have run into the exact same issue.  I remember a few weeks ago when I first added the recaptcha timeout did not throw this error, but it started happening last week.

Has anyone found a solution to this?