[TriLUG] ReCaptcha ( mobile ) issues

[Jeremy Davis via TriLUG]

Brian,

We had a remotely similar problem with trilug.org links that pointed to the
the trilug wiki. Although it was not a recaptcha. It was a requirement to
log in with username and password to prevent spam, however the username and
password were provided in the popup message.

The pop up had a message with instructions to enter TRI as the user and LUG
as the password.

Chrome users could not see the instructions and we began receiving emails
about it from TriLUG members. I think it did the whitewash thing as well.

The workaround was to direct the users to a webpage with instructions
written in text or basic HTML (no javascript). A link to the wiki was
placed at the bottom of the instructions.

This seems to work for now although a bot may be smart enough to scrape the
page and log in. I thought about putting a picture of the instructions but
thought that may create a bad user experience if the picture does not
display for some reason. For example, some TriLUGers may use a command line
browser or browse with images turned off in their browser settings.

Something like this might work for the chrome browsers that use your site.

Jeremy Davis


On Wednesday, July 20, 2016, Tim Jowers via TriLUG <trilug at trilug.org>
wrote:

> Hi Brian,
>
> Sorry, no ReCaptha experience here but some ideas...'
>
> Been a while since I messed with this but you can connect to the running
> Chrome on an Android phone and debug. Sounds like maybe a javascript error.
> If you are really lucky, maybe some missing js lib. In fact, there is some
> way to run Chrome in a debug mode and see some output on the phone but I
> found that to be tedious and close to useless. At a basic level, maybe you
> would be lucky to attach an Android phone to a running Android debugger
> (e.g. run Android Studio and plug in your phone on Linux and Mac, install
> phone driver also if Windows) and see some useful output into the Android
> debug log. Sorry I'm not up to speed on the iOS equivalent though maybe
> just running xCode and then launching a Simulator and hitting your website
> might reveal something.
>
> My guess is the "white wash" is an attempt to reload the entire page. That
> should not happen with a captcha. It should reload the DOM inside some DIV.
> IMO. Perhaps there is something triggering a form post?  A simple bug could
> be if you had something on your page triggering a form post - but not sure
> why it would happen in a mobile browser other than if you had some
> overlapping elements or something (assuming you tried running on desktop
> with the browser resized to the size of a small phone and possibly other
> phone emulation within a desktop browser).
>
> Also, maybe you can try the chrome://inspect in the mobile Chrome browser
> to see some of the chrome debugging web tool. Haven't played with it on
> mobile but on desktop its a good IDE mix, as you probably know.
>
> Sounds like a tough challenge,
> Tim
>
>
> On Wed, Jul 20, 2016 at 1:55 PM, Brian McCullough via TriLUG <
> trilug at trilug.org <javascript:;>> wrote:
>
> > On Wed, Jul 20, 2016 at 08:38:57AM -0400, Triangle Linux Users Group
> > discussion list wrote:
> > > On 07/20/2016 08:29 AM, Brian McCullough via TriLUG wrote:
> > > > I am working on a web site where we had Captcha installed and
> > > > working for some time, years.  Then Google changed how it was called
> > > > and used, and it broke.
> > >
> > > Forgive me for asking but: do you really get a lot of bots on your
> > > website? Is it maybe an option to get rid of the captcha altogether?
> >
> > I agree, a perfectly reasonable question, and I could counter with a
> > different option.  I could try and determine which browser was coming in
> > and disable the ReCaptcha just for the browsers that matter.
> >
> > As it happens, it was disabled completely for a year or more, between
> > the time that Google changed their API and the time that I "fixed" the
> > code.
> >
> >
> > However, the client has concerns about their Contact page and a page
> > where users can send each other e-mail messages.
> >
> >
> > So, the answer is, to a large extent, yes, we do need ReCaptcha, within
> > a certain range of "need."
> >
> >
> > Brian
> >
> >
> > --
> > This message was sent to: timjowers <timjowers at gmail.com <javascript:;>>
> > To unsubscribe, send a blank message to trilug-leave at trilug.org
> <javascript:;> from that
> > address.
> > TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> > Unsubscribe or edit options on the web  :
> > http://www.trilug.org/mailman/options/trilug/timjowers%40gmail.com
> > Welcome to TriLUG: http://trilug.org/welcome
> >
> --
> This message was sent to: Jeremy Davis <jeremyhwllc at gmail.com
> <javascript:;>>
> To unsubscribe, send a blank message to trilug-leave at trilug.org
> <javascript:;> from that address.
> TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
> Unsubscribe or edit options on the web  :
> http://www.trilug.org/mailman/options/trilug/jeremyhwllc%40gmail.com
> Welcome to TriLUG: http://trilug.org/welcome



-- 
Jeremy Davis
@jeremydavis0_0
www.linkedin.com/in/jeremydavisprofile/
www.trianglecareerdevelopment.com