Signup captcha with 6.1.8740

Post your Server Bug Report

Signup captcha with 6.1.8740

Unread postby z-vap » 05 Nov 2016, 17:36

I just installed the debian version of 6.1.8740, and I enabled the signup service to test it out. When I tried adding a user, it says Sorry wrong Captcha. Please try again. Well there is no captcha displayed. Is this a known bug or did i miss a setting somewhere?

EDIT: this has to be a bug. It shows in IE 11 but not firefox (v49), nor Chrome (v54)
EDIT2: is there a way to disable captcha? I don't really need it
z-vap
 
Posts: 21
Joined: 08 Jun 2013, 12:36
Has thanked: 4 times
Been thanked: 4 times

Re: Signup captcha with 6.1.8740

Unread postby gurutech » 13 Nov 2016, 19:06

Make sure ad blockers are disabled, or at least your site is whitelisted.
gurutech
Contributor
Contributor
 
Posts: 323
Joined: 02 Jan 2013, 04:56
Has thanked: 12 times
Been thanked: 130 times

Re: Signup captcha with 6.1.8740

Unread postby z-vap » 13 Nov 2016, 21:12

I did make sure of that. IE11 is the only one that it does show, even MS's new Edge brosser fails to show it. I should make mention the web server is nginx, if that makes a difference.
z-vap
 
Posts: 21
Joined: 08 Jun 2013, 12:36
Has thanked: 4 times
Been thanked: 4 times

Re: Signup captcha with 6.2.9080

Unread postby z-vap » 23 Mar 2017, 22:48

I am revisiting this. (occuring also for 6.2.9080) I believe I may have identified the issue with reCAPTCHA not showing up for Firefox and Chrome:

When I went into Chome's debug for the signup page [F12], this was showing as a warning:

Code: Select all
Refused to load the script 'https://www.google.com/recaptcha/api.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.


and here is some info on the ContentSecurity Policy
https://developer.chrome.com/extensions ... rityPolicy

Hopefully someone smarter than I can actually implement this,


the complete list of warnings: signup.view
Code: Select all
Refused to load the stylesheet 'http://fonts.googleapis.com/css?family=Varela+Round:400' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'style-src' was not explicitly set, so 'default-src' is used as a fallback.   

Refused to load the stylesheet 'http://fonts.googleapis.com/css?family=Montserrat:400,700' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'style-src' was not explicitly set, so 'default-src' is used as a fallback. 

Refused to load the script 'https://www.google.com/recaptcha/api.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.

This page includes a password or credit card input in a non-secure context. A warning has been added to the URL bar.  For more information, see https://goo.gl/zmWq3m. 

Refused to load the stylesheet 'http://fonts.googleapis.com/css?family=Varela+Round:400' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'style-src' was not explicitly set, so 'default-src' is used as a fallback. 

Refused to load the stylesheet 'http://fonts.googleapis.com/css?family=Montserrat:400,700' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval'". Note that 'style-src' was not explicitly set, so 'default-src' is used as a fallback..   
z-vap
 
Posts: 21
Joined: 08 Jun 2013, 12:36
Has thanked: 4 times
Been thanked: 4 times


Return to Bug Reports 6.x

Who is online

Users browsing this forum: No registered users and 1 guest

cron