CiviCRM Community Forums (archive)

*

News:

Have a question about CiviCRM?
Get it answered quickly at the new
CiviCRM Stack Exchange Q+A site
This forum was archived on 25 November 2017. Learn more.
How to get involved.
What to do if you think you've found a bug.



  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Support »
  • Using CiviCRM »
  • Using CiviContribute (Moderator: Donald Lobo) »
  • recaptcha security problem - unauthenticated content
Pages: [1]

Author Topic: recaptcha security problem - unauthenticated content  (Read 3033 times)

sckwooral

  • Guest
recaptcha security problem - unauthenticated content
July 29, 2009, 02:22:00 am
When I add recaptcha to my forms that are on secure pages (pages using SSL that start with https...) the padlock is broken. The warning in Firefox is that the page contains "unauthenticated content" and IE7 tosses in a pop-up warning the viewer about the problem.

Any way to make that page "authenticated" or do I need to lose recaptcha?

Thanks!

Eileen

  • Forum Godess / God
  • I’m (like) Lobo ;)
  • *****
  • Posts: 4195
  • Karma: 218
    • Fuzion
Re: recaptcha security problem - unauthenticated content
July 29, 2009, 02:56:58 am
Have you done a forum search on recaptcha? I have a feeling I've seen this before but I didn't find it in a quick search & I have to dash now
Make today the day you step up to support CiviCRM and all the amazing organisations that are using it to improve our world - http://civicrm.org/contribute

sckwooral

  • Guest
Re: recaptcha security problem - unauthenticated content
July 29, 2009, 03:35:16 am
I did and didn't find anything regarding this issue though I can't be the only one who has run into this problem. If anyone can point me towards a post that would be great.

jobewan

  • I post occasionally
  • **
  • Posts: 79
  • Karma: 0
Re: recaptcha security problem - unauthenticated content
April 02, 2011, 06:17:29 am
http://issues.civicrm.org/jira/browse/CRM-5735

petednz

  • Forum Godess / God
  • I’m (like) Lobo ;)
  • *****
  • Posts: 4899
  • Karma: 193
    • Fuzion
  • CiviCRM version: 3.x - 4.x
  • CMS version: Drupal 6 and 7
Re: recaptcha security problem - unauthenticated content
May 03, 2011, 09:49:43 pm
just hit this issue on a 3.3.6 set up - anyone already hit and solved this?
Sign up to StackExchange and get free expert advice: https://civicrm.org/blogs/colemanw/get-exclusive-access-free-expert-help

pete davis : www.fuzion.co.nz : connect + campaign + communicate

ken

  • I live on this forum
  • *****
  • Posts: 916
  • Karma: 53
    • City Bible Forum
  • CiviCRM version: 4.6.3
  • CMS version: Drupal 7.36
  • MySQL version: 5.5.41
  • PHP version: 5.3.10
Re: recaptcha security problem - unauthenticated content
May 03, 2011, 11:03:21 pm
Which content is insecure?

(In Firefox: right click > View Page Info > media will show images etc which use the HTTP scheme)

(Or Firebug will tell you more than you want to know!)

Ken

petednz

  • Forum Godess / God
  • I’m (like) Lobo ;)
  • *****
  • Posts: 4899
  • Karma: 193
    • Fuzion
  • CiviCRM version: 3.x - 4.x
  • CMS version: Drupal 6 and 7
Re: recaptcha security problem - unauthenticated content
May 04, 2011, 12:06:09 am
Hi Ken - so recaptcha wasn't loading at all and so the form kept failing as it was 'required' but not visible
i get One error when opening page in Safari ie "Failed to load resource: untrusted server certificate"
this whole site is under ssl.
I don't know if this
Quote
"HTTPS validation is not officially supported, so we don't recommend
you use it. We are experimenting with the possibility of officially
allowing verification over HTTPS, but please don't rely on it until
you've seen an official announcement on the forums. Until there's an
official announcement, assume that the HTTPS /verify location may go
away at any time " - Colin, reCaptcha developer.)
means we should just set any profiles using recaptcha so they aren't covered by ssl - but we switched whole site to be covered because some back end users were getting lots of failures when sending emails etc and our conclusion was that something on their machines kept them hopping between http and https and this was our way of solving that.
Sign up to StackExchange and get free expert advice: https://civicrm.org/blogs/colemanw/get-exclusive-access-free-expert-help

pete davis : www.fuzion.co.nz : connect + campaign + communicate

ken

  • I live on this forum
  • *****
  • Posts: 916
  • Karma: 53
    • City Bible Forum
  • CiviCRM version: 4.6.3
  • CMS version: Drupal 7.36
  • MySQL version: 5.5.41
  • PHP version: 5.3.10
Re: recaptcha security problem - unauthenticated content
May 04, 2011, 01:52:21 am
Try the patch for http://issues.civicrm.org/jira/browse/CRM-7982

If you're using the Drupal reCAPTCHA module (or the Joomla extension) to secure your CMS pages then you'll need to apply the equivalent patch to that code.
« Last Edit: May 04, 2011, 01:54:29 am by ken »

petednz

  • Forum Godess / God
  • I’m (like) Lobo ;)
  • *****
  • Posts: 4899
  • Karma: 193
    • Fuzion
  • CiviCRM version: 3.x - 4.x
  • CMS version: Drupal 6 and 7
Re: recaptcha security problem - unauthenticated content
May 04, 2011, 03:46:20 am
brilliant - thanks Ken
Sign up to StackExchange and get free expert advice: https://civicrm.org/blogs/colemanw/get-exclusive-access-free-expert-help

pete davis : www.fuzion.co.nz : connect + campaign + communicate
Pages: [1]
  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Support »
  • Using CiviCRM »
  • Using CiviContribute (Moderator: Donald Lobo) »
  • recaptcha security problem - unauthenticated content

This forum was archived on 2017-11-26.