I have two websites, installed reCaptcba on one, created the keys in Google and followed the guidance, putting the keys in web.config and appsettings.json (probably not necessary). This works fine, I even found the keys that allow it to be tested on a local server. I then went to my second website and tried to do the same. This website had no web.config file so I created one and put the keys for the second website into it. However, when I tested the site on the local server it came up with the error 'InvalidOperationException: Site key cannot be null or empty.' when it hits the line @Html.RecaptchaWidget(). I then published the website and the same error occurred. I suspect that web.config is not be accessed, although it is there in both my local View folder and on the remote server. Assuming that this is where the problem lies, how do I get the key read?

Hello, I have integrated the reCaptcha into an ASP.NET MVC form for registering new users. When the web form ist opened for the first time, the reCaphta is shown and if the form is filled with correct parameters, the registration can be finished successfully. If a user set in some wrong parameters in the form, the server side validation detects an error and the registration form is shown once more, but without the reCaptcha. How can I force the reCaptcha to be schown again after a validation error?
Now the reCaptcha is only be shown once more, if a user hits the browser reload button or F5.

When I try to parse correct response with return reCaptcha.Verify(); I receive following exception:
9200 11:07:59 ERROR Application error.
Exception: System.Web.HttpUnhandledException
Message: Exception of type 'System.Web.HttpUnhandledException' was thrown.
Source: System.Web
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

Nested Exception

Exception: System.IO.FileLoadException
Message: Could not load file or assembly 'Newtonsoft.Json, Version=7.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed' or one of its dependencies. The located assembly's manifest definition does not match the assembly reference. (Exception from HRESULT: 0x80131040)
Source: Recaptcha.Web
at Recaptcha.Web.RecaptchaVerificationHelper.VerifyRecpatcha2Response(String privateKey)
at ....get_CaptchaValidation() in ...\Captcha.ascx.cs:line 30
at ...CvCaptchaRequiredValidate(Object source, ServerValidateEventArgs args) in ...\Captcha.ascx.cs:line 54
at System.Web.UI.WebControls.CustomValidator.OnServerValidate(String value)
at System.Web.UI.WebControls.BaseValidator.Validate()
at System.Web.UI.Page.Validate(String validationGroup)
at System.Web.UI.WebControls.LinkButton.RaisePostBackEvent(String eventArgument)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)

This does not happen if I have empty response (captcha is not clicked) - error is not shown.

My project references Newtonsoft.Json 6.0.0.0, in references of reCaptcha I see that there is 7.0.0.0 version used.

On one server, server side validation is not working. Found that this line creates a timeout.

Properly a server issue, but through I would point it out.

There are errors in the documentation, the biggest of which is in the description of the security key configuration, where the "key" attribute is mistakenly labeled "name'.

Please add strong name signing

Many thanks

I am loading the Recaptcha (vr 1.7.0) into an MVC view using the following:

@Html.Recaptcha(, Recaptcha.Web.RecaptchaTheme.Clean, Nothing, 0, True)

It seems the library is checking Request.IsSecureConnection() to determine whether or not the path should use SSL and overriding the UseSsl property set in the constructor. As I am behind a load balancer that is using SSL offloading, it would always return false if Request.IsSecureConnection() is called.

Can the value set in the constructor always take priority over what Request.IsSecureConnection() returns?

Thanks for a great tool!

Project not running on local

Hi i create ActonFilterAttribute and i have problem with null reference exception in recaptchaHelper.VerifyRecaptchaResponse().

This problem is only for version 2.

public class IsValidCaptcha : ActionFilterAttribute
{
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
var controller = (filterContext.Controller as Controller);
if (controller == null)
return;

        var ms = filterContext.Controller.ViewData.ModelState;

        var recaptchaHelper = controller.GetRecaptchaVerificationHelper();
        if (String.IsNullOrEmpty(recaptchaHelper.Response))
        {
            ms.AddModelError("", "Captcha answer cannot be empty.");
        }
        var recaptchaResult = recaptchaHelper.VerifyRecaptchaResponse();
        if (recaptchaResult != RecaptchaVerificationResult.Success)
        {
            ms.AddModelError("", "Incorrect captcha answer.");
        }
    }
}

at Recaptcha.Web.RecaptchaVerificationHelper.VerifyRecpatcha2Response(String privateKey)
at SteamMarket.Logic.Common.Filters.IsValidCaptcha.OnActionExecuting(ActionExecutingContext filterContext) in G:___ORIK\SteamMarket\SteamMarket\SteamMarket.Logic\Common\Filters\IsValidCaptcha.cs:line 23
at System.Web.Mvc.Async.AsyncControllerActionInvoker.AsyncInvocationWithFilters.InvokeActionMethodFilterAsynchronouslyRecursive(Int32 filterIndex)
at System.Web.Mvc.Async.AsyncControllerActionInvoker.AsyncInvocationWithFilters.InvokeActionMethodFilterAsynchronouslyRecursive(Int32 filterIndex)

There is no way of setting the size to compact to be able to support smaller devices. It would be a very handy feature to have!
https://developers.google.com/recaptcha/docs/display

The docs give 2 options for checking the user's response.
Option 1:
RecaptchaVerificationResult recaptchaResult = await recaptchaHelper.VerifyRecaptchaResponse();

Option 2:
RecaptchaVerificationResult recaptchaResult = await recaptchaHelper.VerifyRecaptchaResponseTaskAsync();

Both options give code suggestion errors.

The errors for Option 1:
"The await operator can only be used within an async method. Consider marking this method with the async modifier and changing its return type to 'Task'
'RecptchaVerificationResult' does no contain a definition for 'GetAwaiter' and no extension method 'GetAwaiter' accepting a first argument of type 'RecaptchaVerificationResult' could be found (are you missing a using directive or an assembly reference?)'"

The errors for Option 2:
"The await operator can only be used within an async method. Consider marking this method with the async modifier and changing its return type to 'Task'

Using the code suggestion changing
"public ActionResult Creat ....." to
"public async System.Threading.Tasks.Task Creat ......"
allows Option 2 to compile, but it does not work.

If neither Option 1 or 2 are used, i.e. only the check for any response at all is made, then this works.

Thanks.

Hi,
This is a feature request, not a bug report.

It will be great if this package support also the v3 of the google recaptcha.

Hello,

I've been going through the documentation and I'm having a difficult time finding out how to specify the onloadCallback function as specified at https://developers.google.com/recaptcha/docs/display#explicit_render.

Does the library currently support this? if so how would I implement it?

You maybe know, I've made a fork of the project and have implemented support of the latest version of the reCAPTCHA API (including the new widget support) with keeping of full backward compatibility with the Recaptcha for .NET assemblies. Source code is also mirrored on GitHub at https://github.com/evnik/reCAPTCHA4net.
I believe my changes could be ported back to the Recaptcha for .NET project. Let me know if you interested in, and I will create a pull request.

I'm moving my project from MVC5 to Asp.Net Core using Razor Pages and found that only MVC is supported. It woud be great to have some kind of RecaptchaRazorPageExtensions.cs and also the one for Blazor.

Thanks.

I have a complex project using .NETFramework,Version=v4.0 which I cannot migrate to .NET 4.5 because that requires VS 2012 or higher which I do not have, I only have VS 2010.

I just want to upgrade my ASP project to reCaptchaV2
I get this error:

The primary reference "Recaptcha.Web" could not be resolved because it was built against the ".NETFramework,Version=v4.5" framework. This is a higher version than the currently targeted framework ".NETFramework,Version=v4.0".

What can I do to resolve this issue?
Is there a version of Recaptcha.Web targeted at 4.0 or lower that I can use, please!

I am keep getting below error. This needs to be fixed. If Developer cannot keep this updated with Google changes and also no support for version 3 then I would suggest to take down or turn off this repository.

Hi,
first of all I want to thank you for this perfect library, it solved a problem for me.
I have a question:
I'm using it on "old" WebForms ASP.Net application and I'd like to enable the "Login"button only if reCAPTHCA is checked and validated, but I did not find any Client or Server event to attach to.
Is there a way to achieve this?
Yhanks

Hi,
how to reload the captcha control when it is placed inside update panel?

Recaptcha.Web.dll has been working beautifully for quite a while. Recently, it started crashing with this error:
Could not load file or assembly 'Newtonsoft.Json, Version=7.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed' or one of its dependencies. The system cannot find the file specified.

After some investigation, I thought it is happening because my Windows installation has upgraded Newtonsoft.Json. So I thought I would rebuild Recaptcha.Web.dll using the upgraded Newtonsoft.Json, and the online source.

Now, I am getting this error:
Could not load file or assembly 'Newtonsoft.Json, Version=11.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed' or one of its dependencies. The system cannot find the file specified.

Help is most appreciated.

Ori

I am using Recaptcha.Web.dll v2.1.0.0 but, when run, shows the older version, i.e., 2 words instead of the newer "I am not a robot" with checkbox.
Any ideas why?
Help most appreciated.

Ori

Hello, thanks for great lib!
I would like to use it in my project, but suddenly found that RecaptchaVerificationHelper is available only in controller.
It seems to me captcha verification is cross-cutting concern and can be implemented as ActionFilter, and it can improve your library, can you add support for this funcrionality? Or i can help you and create a pull request.

Hi,

when using newer .NET versions this warning comes up (as expected if 4.5 is the latest target)

Warning CS1702 Assuming assembly reference 'System.Web.Mvc, Version=5.2.3.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' used by 'Recaptcha.Web' matches identity 'System.Web.Mvc, Version=5.2.7.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' of 'System.Web.Mvc', you may need to supply runtime policy

Is there any chance the library will be rebuilt to support/target newer .NET versions as well? Anything we can do to help?

Thank you,

Martin

recaptcha-net not same reCaptcha https://developers.google.com/recaptcha/docs/start ?

http://netcaptcha.codeplex.com/documentation and https://github.com/tanveery/recaptcha-net is the same?

I have a contact form that uses [AllowHtml] on the Body property to allow users to submit HTML code to me, which was working fine, but after installing recaptcha-net the old "A potentially dangerous Request.Form value was detected from the client" exceptions came back

It looks like this is bot-related activity that isn't passing the recaptcha validation parameters, which leads to a code path that makes use of Request.Params, which unconditionally validates input (ie [AllowHtml] and ValidateInput(false) are not taken into account)

To fix this problem I've switched from Request.Params to Request.Unvalidated, and now the exceptions have stopped again.

So what are your thoughts on switching to Request.Unvalidated in the main codebase? Unfortunately Request.Unvalidated is not available in 4.0, which wasn't a problem in my case because I wanted to build 4.5.1 DLLs anyway, but the main codebase would need to work around that somehow (e.g. maybe use an #if NET40 to keep the old Request.Params behaviour for 4.0)

Thanks,
Rick

ReCaptcha just recently updated their widget. Might want to update this to use the newer widget

Hi there,

can you add a comment on how to use this in a pop-up Model like a login form, when I try it in the login form, I am not getting the token for validation, but it works on a regular page.

how can I get the token on the backend in a login modal form

thanks

Hi,

I am using RecaptchaNet.1.7.0 with MVC 5.2.3.But when I build the application the getting code analysis warning.

"CA0001 Error Running Code Analysis CA0001 : The following error was encountered while reading module 'Project.Demo.App': Assembly reference cannot be resolved: System.Web.Mvc, Version=5.2.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35."

Can you please suggest to resolve this issue ?

Thanks in advance.

RecaptchaVerificationHelper.txt

I receive the exception if the recaptcha is not filled at all.
I'm using v2 recaptcha.
The excpetion is thrown on

RecaptchaVerificationResult result = recaptcha1.Verify();
at line 104 of RecaptchaVerificationHelper you have to handle the empty response not throwing an exception an retiurning a failed verification.

if (string.IsNullOrEmpty(Response)) { throw new InvalidOperationException("Reponse is emptry."); }
Not filling the recaptcha is equivalent to a failed verification not to an exception.

Attached a working version of RecaptchaVerificationHelper.cs

I am getting this error. I am not sure what this is

Hello. I have used reCAPTCHA for .NET on several of my sites. I am currently working with a legacy site that has two html forms on the same page. While recaptcha for .net is working on other pages, it only renders and works for the first form on the page with two forms. After some googling it looks as if this is something supported by the API. See http://mycodde.blogspot.com/2014/12/multiple-recaptcha-demo-same-page.html. Is this something you could fold into your reCAPTCHA for .NET? Thanks!

Hello

Great ! But... why create dependency of externall dlls? See #45

Please consider to use native json net instruction: https://docs.microsoft.com/es-es/dotnet/standard/serialization/system-text-json-how-to

If you don't want please insert binding redirects feature to accepts latest newtonsoft dll. More info: https://stackoverflow.com/questions/43365736/assembly-binding-redirect-how-and-why

That's the code:

Thanks!

Hi there,

thank you for this great control. It saved some time to me and makes the implementation clean and simple. However, when I try to use any binding expression on your control I get the compiler error on runtime: CS0426 - The type name 'Web' in the type 'Recaptcha.Web.UI.Controls.Recaptcha' is not available.

Example:

<uc:Recaptcha ID="captcha" runat="server" Theme="Blackglass" Language='<%# this.DisplayLanguage %>' />

This also happens when I want to bind the public or private key on your control, however, since you allow to set those keys in the web.config, it's not a problem.

Whatsoever, I could bypass the problem by setting the language in code behind in my Page_Init event:

this.captcha.Language = this.DisplayLanguage;

However, it's still a bug, so here I report it.

Thanks for keeping this awesome control up2date.

Hi,
Today when I deploy my website to apphb (https://softnews.apphb.com). I got an error saying that the site uses http content (mix content) due to a references to google recaptcha. By default, we use SslBehavior useSsl = SslBehavior.SameAsRequestUrl already. Do you have any idea to fix it ?
Thanks for your nice package!

The Recaptcha.Net NuGet package does not list Newtonsoft.Json as a dependency, but will fail at runtime if it is not installed.

To reproduce, create a simple page using the widget in a package without Newtonsoft.Json, on submit of the page and calling this.GetRecaptchaVerificationHelper(); an error will be thrown.

https://www.nuget.org/packages/RecaptchaNet/2.1.0/

The web config method works just fine for me. But our organization needs this to bypass the web config.

From the readme this should be working, but I get a
Error CS1739 The best overload for 'Recaptcha' does not have a parameter named 'privateKey'

It would be useful to add a WidgetID parameter to the object in order to differentiate each widget in the case there are more than one on the same page.

Thanks!

With some extended testing on our different environments I came to the following conclusion regarding the usage of a proxy and this library.
It seems to me, by using WebRequest.GetSystemWebProxy() in VerifyRecaptchaResponse of RecaptchaVerificationHelper, the proxy that is used is always the proxy defined in settings of IE for current user (in our case NetworkService, defined on application pool).
Overriding this proxy with web.config fails because the result of method above always overrides the default proxy.
Currently I'm keeping my proxy on the NetworkService account but it would be more usefull if this is adaptable by config.

I've tried this on Chrome, IE, Firefox, Kindle, Windows phone and notice that when the widget first loads and I click "I'm not a Robot" - the widget displays a tick without showing the verify images pop-out. I have to close and re-open the Browser I'm using to make the widget work correctly.
I'm using the latest version of recaptchanet in a webforms .net app over an ssl connection (not localhost).

Any ideas?

Struggling with following problem:
I have a form on a page, which checks Captcha and allows several subsequent submissions (submit a form, then press a button - submit once again with new data). On first postback, Captcha is checked correctly, but, on subsequent submissions it is not shown.
Can you suggest how to reinit reCaptcha control in WebForms?

How is it possible to use reCAPTCHA v2 with this library?

https://support.google.com/recaptcha/#6080904

When I did an upgrade from 2.0.0 to 2.1.0, it appended the "recaptchaPublicKey" "recaptchaPrivateKey" and "recaptchaApiVersion" keys to web.config. It will show an error regarding recaptchaPublicKey being empty: "Exception Details: System.InvalidOperationException: Public key cannot be null or empty." Although this is an accurate error, it may not be obvious at first to delete the duplicate keys near the end of </appSettings>.

Must be "render"

Hi I love this plugin, can you please update with ASP identity. 👍

It would be nice if there was a way to set the callback method using the Html.Recaptcha() method. It would then set the data-callback attribute on the tag. Setting this via a web.config would be nice too.

https://developers.google.com/recaptcha/docs/versions

Is there any way I can setup my reCaptcha to get displayed in specific language? I think, .NET control should have property for the language code which we can setup based on google suggestion: https://developers.google.com/recaptcha/docs/language

Once we set the language code, reCpatcha must get rendered in specific language in next load.

Currently, the script and api point to google.com domain. Changing this to recaptcha.net will ensure it will work in China as well (where google.com) is blocked.

Ref:
https://developers.google.com/recaptcha/docs/faq#can-i-use-recaptcha-globally