fixthestatusquo / archive-proca-backend

Backend for the ultimate petition/campaigning tool
GNU Affero General Public License v3.0

wrong order on captcha validation? #104

Closed tttp closed 3 years ago

tttp commented 3 years ago

Steps to reproduce:

You'll get an error message from the server (e.g. first name invalid) but the captcha is still checked. Fix the field and submit again.

You get an error message "Captcha code invalid (invalid_or_already_seen_response)"

Does it mean that the server verifies the captcha before verifying the fields and "burns" the captcha? It would be more user friendly to first check that the data is valid and if it's the case, trigger the captcha validation.

marcinkoziej commented 3 years ago

The captcha is checked in the middleware, and must be valid for the request to be processed at all.

marcinkoziej commented 3 years ago

@tttp what kind of validation error are we talking about here? Is the widget doing validation anyway, but missing some check? Or is it something where the widget relies regularly on the backend to validate?

tttp commented 3 years ago

So there are two cases:

In both cases, the user shouldn't have to re-enter the captcha IMO, it's a terrible UX experience.

Would it be difficult to alter the order and do the field validation before the captcha?

marcinkoziej commented 3 years ago

Yeah it would: now it's a nice middleware, after the change it would be deep inside the transaction and trigger a rollback on failure. There are many records being created on the way - Contacts, Consents, Actions, etc., and the validation is integrated with inserting (for instance, if there is a unique constraint somewhere, the DB unique_index is used, same for foreign keys, etc.). But I can try.

marcinkoziej commented 3 years ago

I deferred the captcha check after the actionContact data check.
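
The two orderings discussed in this thread, as an added Python sketch that is not part of the thread and not proca's code. Every name is hypothetical, and validation is simplified to a pure function, whereas the thread describes it as integrated with inserts inside a transaction.

```python
# Added illustration; all names are hypothetical, not proca's API.

class SingleUseCaptcha:
    """Constructed stand-in for a captcha service whose tokens verify once."""
    def __init__(self, issued):
        self.unused = set(issued)

    def verify(self, token):
        if token in self.unused:
            self.unused.discard(token)  # token is burned on first verification
            return True
        return False                    # invalid_or_already_seen_response


def validate_fields(data):
    """Pure validation: no writes, so it can run before the captcha check."""
    errors = []
    if not data.get("first_name", "").strip():
        errors.append("first_name invalid")
    if "@" not in data.get("email", ""):
        errors.append("email invalid")
    return errors


def captcha_first(captcha, token, data, db):
    """Middleware order from the issue: the token is consumed before validation."""
    if not captcha.verify(token):
        return "captcha invalid"
    errors = validate_fields(data)
    if errors:
        return errors[0]
    db.append(data)
    return "ok"


def validate_first(captcha, token, data, db):
    """Deferred order: field errors return before the token is spent."""
    errors = validate_fields(data)
    if errors:
        return errors[0]
    if not captcha.verify(token):       # the captcha still gates every write
        return "captcha invalid"
    db.append(data)
    return "ok"
```

With the deferred order, validation runs for requests that have not passed the captcha, so everything before the captcha check has to stay free of writes.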