search

duckduckgo / duckduckgo-privacy-extension

DuckDuckGo Privacy Essentials browser extension for Firefox, Chrome.
https://duckduckgo.com/app
Apache License 2.0
1.24k stars 241 forks source link

blocking recaptcha v3 #537

Open jnaklaas opened 3 years ago

jnaklaas commented 3 years ago

Google's Recaptcha v3 is an "invisible" captcha, which determines if you're human or a bot based on your behaviour on the website (mouse movement, clicks, scrolls, etc).

With the ddg privacy extension active, your data is still sent to Google when websites use Google's recaptcha. The data sent to Google is obfuscated so it is unclear which data they gather. For all I know they might even track what data you enter in the form. An xhr request is sent to Google upon a form field change, so that might as well be true. Google's privacy policy isn't clear about this (at least as far as I've read it).

Is there no way to block it without breaking a website's contact forms?

gersomonline commented 2 years ago

I'm sorry, but that is not possible, the site that uses it receives data from the captcha script in the form, and server-side they'll contact Google to verify the data. If the data isn't present, because you blocked the ReCaptcha script, you'll be recognized as a bot.