Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
The reCAPTCHA HTTPS API URL has been moved. More information here: https://groups.google.com/forum/#!topic/recaptcha/V7qswqBnA1o
D6 patch to follow.
Comment | File | Size | Author |
---|---|---|---|
#22 | 1124950.22.patch | 7.58 KB | mvc |
#17 | update_urls.patch | 6.69 KB | atodorov |
#16 | 1124950.16.patch | 7.3 KB | mvc |
#15 | 1124950.15.patch | 7.3 KB | mvc |
#12 | 1124950.12.patch.txt | 4.8 KB | mvc |
Comments
Comment #1
pifantastic CreditAttribution: pifantastic commentedPatch for 6.x-1.x that corrects the URL for the secure API.
Comment #2
Aaron Stanush CreditAttribution: Aaron Stanush commentedYou can read more about the changes here: https://groups.google.com/forum/#!topic/recaptcha/V7qswqBnA1o
Comment #3
codycraven CreditAttribution: codycraven commentedConfirmed working. The API address change prevents recaptcha from working without this patch preventing any users without bypass captcha from submitting the form. Elevated to critical for this reason.
Comment #4
quinns CreditAttribution: quinns commentedSubscribing.
Comment #5
j0nathan CreditAttribution: j0nathan commentedSubscribing.
Comment #6
LGLC CreditAttribution: LGLC commentedThanks for the patch - it worked a treat.
Comment #7
divbox CreditAttribution: divbox commentedpatch works
Comment #8
mlaw CreditAttribution: mlaw commentedPatch works. Thanks.
Comment #9
mvc*sigh* this is exactly why modules shouldn't ship with included libraries.
here's a patch which actually upgrades the bundled copy of recaptchalib.php to the latest version, 1.11, from http://code.google.com/p/recaptcha/downloads/list there are changes to several other URLs as well.
that said, this library doesn't declare a version number in a constant, so even if this library was unbundled this module wouldn't be able to easily check for the right version. i've reported this issue upstream: http://code.google.com/p/recaptcha/issues/detail?id=110
if google fixes that, we can patch this to unbundle the library and place it in sites/all/libraries, like the wysiwyg module does.
Comment #10
chadhester CreditAttribution: chadhester commentedI can confirm that the patch worked with 6.x-1.5. Thanks!
Comment #11
iva2k CreditAttribution: iva2k commentedThe patch should get rid of the last
(Even if the upstream changes have the closing PHP tag). In Drupal the convention is to ommit last closing PHP tag at the end of the file, so any end-of-line characters won't create "headers already sent" situation.
I've tested without closing tag.
Confirm, patch works. If not the closing tag, would state RTBC.
Comment #12
mvc*shrug* okay, here you go
Comment #13
iva2k CreditAttribution: iva2k commentedGreat! Tested and works - fixes the problem.
Comment #14
pounardNice I did use this patch and it works well. It'd be cool to have a stable release soon enough to avoid keeping a patched version of this module on production sites.
Comment #15
mvcI've just noticed that this patch isn't complete, since a URL is hardcoded in the .module file too: #1132420: Insecure loading of recaptcha_ajax.js causes security warning in Chrome browsers
This new patch fixes that as well; please test.
Comment #16
mvcoops, i forgot to remove
?>
, please use this versionComment #17
atodorov CreditAttribution: atodorov commentedI see that folks have produced various patches. I'm attaching my own patch which I created before finding this ticket. It updates recaptchalib.php to 1.11 (which updates the urls) and also updates URLs in recaptcha_mailhide.module and recaptcha.module.
Edit: forgot to mention that this patch is against version 6.x-1.5
Comment #18
dstolsub
Comment #19
RobLoachThanks! http://drupalcode.org/project/recaptcha.git/commitdiff/4f7cc99
Comment #20
RobLoachOh, this is already part of Drupal 7 :-).
Comment #21
pounardNice, thanks for the release.
Comment #22
mvcactually, a few URLs still need to be changed in 7.x-1.x-dev. among other things this is required for #1132420: Insecure loading of recaptcha_ajax.js causes security warning in Chrome browsers. some of these URLs are currently being redirected by google, but not all.
Comment #23
Vacilando CreditAttribution: Vacilando commentedSubscribing.
Comment #24
RobLoachThanks! http://drupalcode.org/project/recaptcha.git/commit/10aa887
Comment #25
avskip CreditAttribution: avskip commentedsubscribing