Open sanjibmodak123 opened 5 months ago
This feature makes sense to me. Needs a volunteer to investigate / work on. But, hopefully it shouldn't be too difficult for someone to add the ReCAPTCHA logic to the feedback form (similar to the registration form).
In the meantime, it's also possible to disable the feedback form by setting feedback.recipient =
(set it to an empty value) in your backend's local.cfg or dspace.cfg. This was made possible as of DSpace 7.6, see #2323.
Hi! @tdonohue . I'd like to claim this issue.
@VictorDuranEscire : Apologies for the delayed response, but I was out of the office.
Assigning this to you. Please also be aware there was a recent related ticket about issues with our current reCAPTCHA implementation created in #3260. It's possible it is related to any work you do to enable reCAPTCHA in the feedback form.
The feedback form within the DSpace repository poses a significant threat from spam emails. This is causing permanent blocking of email IDs due to policy violations. To tackle this risk and ensure the integrity of the whole system, the integration of Google reCAPTCHA is highly required as soon as possible. This feature will surely minimize the risk and threat from the potential misuse of feedback form for different advertisement campaigns or any other spam emails.
To make this happen we can use the existing Google reCAPTCHA system that is been used in the registration form. Similarly, dspace.cfg file should have the option to enable Google reCAPTCHA for the Feedback form also, which will provide flexibility for the administrators on whether to use reCAPTCHA in the feedback form or not.