Reputation: 4645
Google recaptcha v3 issues
Why does recaptcha v3 throw an error ? ... when I check the humanity of a visitor a second time on the same page?
Token is clearly NOT a duplicate. ... so what is a duplicate?
First token:
03AEMEkEl76Kn0nMhKlgY8dMOAD2g3zGIHoGOqz95jEFKl8A24gADw-2gBipDYcU7G_TWSqpuWyNa62CIk-tYdreevde0p1lJg_3wwZlmD9giDSdPb_He-mTsIqv0tMuEroJLLArCI4vfbZjcCZ6BYokYEhYbCU-Qqdx9YbqgRG1JJDxE8LRagR0cPY8mfQZ5bZ7KGK8Dfqe8avqOy18RvIcYk-H6s9Bhq28s5YRIkHid163c-yqpeY8U5j9U70aveSuEcLz-UMlgsQ8MaYhHIIv7cJpag2RJFAgGxOZnWONEk2Z9-IK_Ea_4
recaptcha v3 Response:
{
"score":0.1,
"hostname":"localhost",
"success":true,
"challenge_ts":"2018-07-17T21:24:03Z",
"action":"AW___________LGOZCKiH_oQBEJnwwYcD"
}
Second token on same page with same label:
03AEMEkEk-CVItfMmzYErG97inmxzf7mIeWuAgEXmwncu8AvMGP0ofXnwCMFNdBpa7CY8MCkVZ_skiF1HwmGhKBgayFm-fM3VM_QfM5LRNDbxLLyCF8lGclmBBlihmkeT1PsvW9LrVfp2VdikuHxeqvviGnI2NKQHbclvaDnuu5rwy3HS_EiPrn7eJb3z892f8oIOMkVg6tTsCNPCTnH5QuvAIw2DlI3EiRFDSqIjXp4vJdzJIGn10K6Noi1JIPOCzJ8OUshn_yFROWvNNpYNFn3E7tSHk3j0LU9-KDy1RiSoEf2I1VcVEKTE
recaptcha v3 Response:
{"error-codes":["timeout-or-duplicate"],"success":false}
Upvotes: 6
Views: 6823
Answers (4)
Reputation: 1
The monstor captcha token generation at the time of page load is definitely is not a good idea as it expires after 2 mins. If still you bound to do so, you have to renew the token after some time intervals using 'setinterval' in JavaScript.
So to generate the token on button submit 'execute' will do your work better. You can call ajax or java script to call the execute method. Please refer google reCAPTCHA v3 documentation for more information.
Upvotes: 0
Reputation: 756
I had a similar problem, but I realized it was not a good understanding. This error message happens when: 1. The token was already verified, so it becomes "duplicate".
- The token was executed 3 minutes or more before it was verified, so it becomes "timeout".
Regarding the second scenario, the idea is to verify the action when the action is executed. Meaning, if you want to verify a submit operation, then you may need to generate the token to verify when submitting, not right after the grecaptcha Object is ready.
Online documentation has an example where the execute methods is invoked right after the grecaptcha is ready, but that's the case when you want to verify that execution right away. In the case of formularies, the execute method should be placed in the same routine of the form submission, makes sense? Probably I am mistaken, but I have been able to verify click actions, form submit actions, close popups actions, you name them. 😉
Upvotes: 1
Reputation: 93
Yes, This is the error code we get in two case. 1) When we send same token for two requests 2) The token gets expired in every 3 minutes. So if the user do not submit the form in 3 minutes then the token gets expired and we get this error message.
Upvotes: 2
Reputation: 985
The token might have timed out. It happened to me also. On page rendering, a token was generated but I performed an action after a long time. Then it gave me this error. But if the token is generated on action performing then it works fine.
Upvotes: 1
Related Questions
- Google ReCaptch [invalid-input-response] error
- Error: No reCAPTCHA clients exist (reCAPTCHA v3)
- Google ReCaptcha V3 - Missing required parameters: sitekey
- How to solve Google v3 reCaptcha timeout?
- reCAPTCHA v3 not working angular 6 - error executing
- Google Recaptcha v3 Error : "timeout-or-duplicate"
- Google reCaptcha v3 not ready when clicking submit
- Google Recaptcha v2 get requests fail
- Google RECAPTCHA always returning error missing-input-response in the response
- google reCaptcha not rendering