Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Pages with multiple CAPTCHA protected forms give always "CAPTCHA session reuse attack detected."
for example:
- CAPTCHA on user login block, which is on every page
- CAPTCHA on comment form
- post comment form with correct CAPTCHA
- result: "CAPTCHA session reuse attack detected.", which comes from processing of user login block
Comment | File | Size | Author |
---|---|---|---|
#1 | 995748-reuse-attack-multiple-forms-01.patch | 2.49 KB | soxofaan |
Comments
Comment #1
soxofaan CreditAttribution: soxofaan commentedThis patch should fix it
Problem is still possible when using multiple forms of the same type (same form ID) on the same page
Comment #2
temizu CreditAttribution: temizu commentedit seems the problem is solved, thanks a lot. good work
Comment #3
soxofaan CreditAttribution: soxofaan commentedthanks for testing,
committed for Drupal 6: http://drupal.org/cvs?commit=464000
to be ported to Drupal 7
Comment #4
soxofaan CreditAttribution: soxofaan commentedport of this patch fro Drupal7 depends on #810534: Fix CAPTCHA session reuse
Comment #5
soxofaan CreditAttribution: soxofaan commentedhttp://drupal.org/cvs?commit=470426
includes this patch for D7
still to port: tests from #3
Comment #6
soxofaan CreditAttribution: soxofaan commentedported test is included in http://drupal.org/cvs?commit=470926