Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Blocked frame in reCapcha

Tags:

javascript

recaptcha

I use reCapcha on my local test server. Everything works fine, but I have errors:

Blocked a frame with origin "https://www.google.com" from accessing a frame with origin "http://127.0.0.1:8000".  The frame requesting access has a protocol of "https", the frame being accessed has a protocol of "http". Protocols must match.

And

Blocked a frame with origin "https://www.google.com" from accessing a frame with origin "http://127.0.0.1:8000".  The frame requesting access has a protocol of "about", the frame being accessed has a protocol of "http". Protocols must match.

in html:

...
<script src='https://www.google.com/recaptcha/api.js'></script>
</head>
...
<div class="g-recaptcha" data-sitekey="..."></div>

How to fix that errors?

Thanks!

like image 983
Lev Avatar asked Nov 25 '14 16:11

Lev

People also ask

How do you resolve a blocked frame with origin from accessing a cross origin frame?

Even though same-origin policy blocks scripts from accessing the content of sites with a different origin, if you own both the pages, you can work around this problem using window. postMessage and its relative message event to send messages between the two pages, like this: In your main page: const frame = document.

What is Gstatic reCAPTCHA?

"So reCAPTCHA's gstatic.com domain doing a triangle sync to google.com basically ensures that a user can be found/tracked if either of those domains is embedded into a website," Edwards said.

Can you hide reCAPTCHA badge?

Yes! according to Google's FAQ about the reCAPTCHA you are allowed to hide the badge. However, you have to add a note in the “user flow”. You are allowed to hide the badge as long as you include the reCAPTCHA branding visibly in the user flow.

What happens when reCAPTCHA v3 fails?

If the reCaptcha failed, then it, mostly, a bot. So no actual action is required. So it could be an ignore action - no response action at all.

1 Answers

If you're using an iframe, this part:

Blocked a frame with origin [url here] from accessing a frame with origin [other url here].

Means it's not going to work. Frames can't interfere with each other, or else people would be able to pilfer your data from one frame in the other one. Check out the same origin policy for more details.

You might be able to simplify things for yourself by getting rid of that mixed-protocol error though: You can access the Google files via http instead of https, so trying that may eliminate half your troubles. (You can also just use a url like this: //www.google.com/recaptcha/api.js instead of specifying whether to use http or https.)

like image 71
rabdill Avatar answered Sep 27 '22 22:09

rabdill
Sign in to Comment

Related questions

Using sessions with Express.js v4 and Socket.io v1
Packery when drag then drop an item vertically in a sortable grid, vertical alignment breaks
JavaScript - multiple global objects in multiple HTML frames?
Why does this random() distribution look asymmetric?
I keep getting TypeError: undefined is not a function
Date object in meteor and autoform
How is RegEx handled differently in VBA and JavaScript?
IE 11 - console.log is displaying undefined for object properties
Jquery for tooltip on image map area shapes
Making Loopback API Ember.js compatible
CORS works in chrome but not firefox, angularjs
Coffeescript + Browserify + Gulp + Uglify
Highlighting a new dom element using intro.js
Google maps API V3 fitBounds() not working
passing a webgl canvas to CanvasRenderingContext2D.drawImage()
How to properly minify/combine CSS/JS in web projects with url rewriting
Failed to load resource: net::ERR_CONNECTION_REFUSED for only selective images from instagram API
Polymer ready() and event listeners
Meteor / Mongo - How do you Reference a Lookup Collection? (de-normalize vs normalize)
Chrome Console and Javascript Object Type

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!