Closed adrianofoschi closed 9 years ago
vepasto
commented
9 years ago Why would you do that? You can enable or disable submit button by gRecaptchaResponse. If it has a value, you can enable submit button. And even if you would verificate response by ajax, you need to do that again when form is submitted.
adrianofoschi
commented
9 years ago Yes you can enable it only after response and verify response and POST it with form's data. I thought if you do response-verification in one step you can prevent the form submit to another request. So you can use verification like a web-service.
Anyway I'm using it in nodejs RESTfull application, where I can send response with form's data and verificate the user's response with a "recaptcha" middleware. Is it true?
vepasto
commented
9 years ago Why you need to verify the response before sending the forms data?
adrianofoschi
commented
9 years ago Becouse if the response is not success you have a bot, so don't send the forms data
vepasto
commented
9 years ago You wont be able to prevent a bot from sending the form by using front end methods like disabling a button. The validation should happen in the backend before any data is being saved. Using backend validation is the only way to really assure that the one sending you data is not a bot and this is the whole reason why reCaptcha exists.
adrianofoschi
commented
9 years ago It's true. Sorry
It could be useful to create a default http ajax request the to backend for user's response verification. So you can use the angular-no-captcha module more like a service, binding directly the verification response to disable/enable submit button (ie.)