Jump to content
  • Cannot complete CAPTCHA


    XeR
    • Status: Open Priority: Normal

    The new version of ReCAPTCHA does not let users answer a challenge to prove they are human.

    The following error message is displayed. Refreshing the chat does not help.

     

    Quote

    Failed to verify.

    Refresh the chat and try again

     

    If a machine decides you are not a human enough, you cannot connect to any chat.

    _.png


    Steps to reproduce bug: * Step 1: connect to a chat * Step 2: get a CAPTCHA

    User Feedback

    Recommended Comments

    • Advanced Members
    29 minutes ago, SLOom said:

    Are you able to grab/see if Recaptcha Token is sent properly to server (under https://xat.com/web_gear/chat/AreYouaHuman.php) ?

    I can answer this challenge. It redirects me to a page that reads:

    Quote

    Ok. Close this window and sign in again.

    It still won't let me connect to chats. I tried on Chat, HTML5 and Rubyyy.

     

    My browser makes a request to https://xat.com/web_gear/chat/AreYouaHuman.php with the following content:

    Quote

    m=3

    &j=%7b%22Continue%22%3a%20%221%22%2c%20%22R%22%3a%20%220%22%2c%20%22Type%22%3a%20%22V3Protect%22%2c%20%22r%22%3a%20%223%22%2c%20%22s%22%3a%20%2271%22%2c%20%22t%22%3a%20%2210002%22%2c%20%22u%22%3a%20%220%22%7d

    &g-recaptcha-response=

     

    The server responds:

    Quote

    {"error":"<p style=\"color:#FF0000\"><strong>**<span data-localize=main.recaperr>The reCAPTCHA wasn't entered correctly. Please try again. (reCAPTCHA said<\/span>: )**<\/strong><\/p> \n"}

     

    Then my browser makes a request to https://www.google.com/recaptcha/api2/reload?k=... but I cannot make sense of what's being exchanged here

    Link to comment
    Share on other sites

    • Volunteers

    Ok, so this is a problem with the token not being "fetched" properly. Are you connecting too fast to the chat and captcha is not able to load in time ? Which browser do you use ? 

     

    When you get this error, can you try to close the popup and click sign in again ? To see if it can fix the problem temporarily (since it should reload the captcha after fail)

     

    13 hours ago, XeR said:

    Then my browser makes a request to https://www.google.com/recaptcha/api2/reload?k=... but I cannot make sense of what's being exchanged here

     

    It does a request to reload the captcha.

    Edited by SLOom
    Link to comment
    Share on other sites

    • Advanced Members
    3 hours ago, SLOom said:

    Ok, so this is a problem with the token not being "fetched" properly.

    I think the CAPTCHA works. My setup probably has a score below xat's threshold.

    The problem is that, unlike the previous version of the captcha, there is nothing I can do to prove I am a human.

    See https://stackoverflow.com/questions/52546045/how-to-pass-recaptcha-v3

     

     

    3 hours ago, SLOom said:

    Which browser do you use ?

    Mozilla Firefox (last version) with some privacy extensions.

    I do not use Google products (Search, Youtube, Gmail, etc.) and actively block trackers (Google Analytics, Google Tag Manager, Google Fonts)

     

     

     

    3 hours ago, SLOom said:

    When you get this error, can you try to close the popup and click sign in again ?

     

    Here are all the requests my browser and the server exchange:

     

    GET to wss://wss.xatbox.com/v2

    Quote

    tx: <y r="123" v="0" u="151747257" />
    rx: <y l="32696" t="10034" s="71" C="1" />
    rx: <logout e="E46" />

     

    POST to https://xat.com/web_gear/chat/AreYouaHuman.php

    Quote

    m=3
    &j=%7b%22Continue%22%3a%20%221%22%2c%20%22R%22%3a%20%220%22%2c%20%22Type%22%3a%20%22V3Protect%22%2c%20%22r%22%3a%20%22123%22%2c%20%22s%22%3a%20%2271%22%2c%20%22t%22%3a%20%2210034%22%2c%20%22u%22%3a%20%221541747257%22%7d
    &g-recaptcha-response=

     

    Response:

    Quote

    {"error":"<p style=\"color:#FF0000\"><strong>**<span data-localize=main.recaperr>The reCAPTCHA wasn't entered correctly. Please try again. (reCAPTCHA said<\/span>: )**<\/strong><\/p> \n"}

     

    POST to https://www.google.com/recaptcha/api2/reload?k=6LdBquAZAAAAADOcFT2FE6WuXn9IzWwtJ-nr8K9o

     

     

    At this point, the chat shows the "Failed to verify" pop-up.

    I can close the pop-up. The "Sign In" button reads "Connecting..." (despite the WS connection being closed by the server)

    I press the button again.

     

    GET to wss://wss.xatbox.com/v2 (same as before)

    Quote

    tx: <y r="123" v="0" u="151747257" />
    rx: <y l="32696" t="10034" s="71" C="1" />
    rx: <logout e="E46" />

     

    POST to https://xat.com/web_gear/chat/AreYouaHuman.php (now with a g-recaptcha-response)

    Quote

    m=3
    &j=%7b%22Continue%22%3a%20%221%22%2c%20%22R%22%3a%20%220%22%2c%20%22Type%22%3a%20%22V3Protect%22%2c%20%22r%22%3a%20%22123%22%2c%20%22s%22%3a%20%2271%22%2c%20%22t%22%3a%20%2210034%22%2c%20%22u%22%3a%20%221541747257%22%7d
    &g-recaptcha-response=03AGdBq26b2JKIx2-EBuyBskoD_A4kPAaxBUBCWxtjf0ZvNa_vEzJeF_RS41ej7QwO5q8fOQgrIcNg7tBD0ETRwor-fYOp9iaW_I6WrzXlxR3u-X53l7lV2V4ni7pqtJ0kjBzWRcTsYVXil3Sa69qbtwh6dPOV2L5DcHky4NWUgz6-5n-Kc7k63r76KcA7i1fe8NoxB4zFoc0C9wwK62_DRPSo-Y51IffrMIBOz4bgvqaHndQ02x-27qq5QkkQvF_ZYX0ghTfirwz_Bl0vBMk1Va74wLcD4uFSCRqgtbUwI8OIKlenX4e22Vi3VT-cnNabrX6mZ_1uigVAGsTQm2vno_zBsGx6Fz67_HJq4hRJW-2T4iXgryX2OW9RNxOUGfhaqla5A3PnzH-3eGu2Iagdx6_YPYcRW-hLEpqCJVZrBQZX8ysEYGrZmylKsRmguxm6D9oVtOLkafj6wMYr6Qv2_4aboj_eKyJZZA

     

    Reponse:

    Quote

    {"Type":"V3Protect","Command":"GotCap","Result":"OK","Page":"this","Next":"pop","c":"4437158297798694075","t":1609072037,"r":123}

     

    POST to https://www.google.com/recaptcha/api2/reload?k=6LdBquAZAAAAADOcFT2FE6WuXn9IzWwtJ-nr8K9o

     

    At this point, the pop-up briefly shows "Verification successful" with a green tick.

    The background becomes blank and something reloads (I'm not sure if the whole page refreshes or just the background)

     

    GET to wss://wss.xatbox.com/v2 (notice the j and k parameters)

    Quote

    tx: <y r="123" v="0" u="151747257" j="1609072037" k="4437158297798694075" />
    rx: <y l="32683" t="10034" s="71" C="1" />
    rx: <logout e="E46" />

     

    The sign-in button once again reads "Connecting...".

    Clicking it brings me back to the second websocket GET.

     

    I gave up after approximately 10 attempts.

    Link to comment
    Share on other sites



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Restore formatting

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Priority Definitions

     

    Trivial The issue is considered low priority.

    Normal This is the default priority.

    High A feature or service is not working properly, and it impacts a lot of people. The issue should be fixed in the near future.

    Critical The issue is show-stopping, meaning that a certain feature or service is completely broken with no available workaround. The issue impacts a lot of people and requires immediate repair.

  • Status Definitions

     

    Open The issue is pending, or we are still working on the issue.

    Fixed The issue has been resolved. The fix may not be immediately noticeable and may be released in a future version or update.

    Closed This record is either not considered an issue or is better suited as a suggestion. If it is an issue, it may not be reproducible.

    Won't Fix The issue will not be fixed because it is too low in priority. The issue is very minor. The resources required to fix the issue cannot justify the benefits received from fixing the issue. This means the issue is closed.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.