How Can I Test If My Integration Is Working?
We have compiled some tests for you to check if your Friendly Captcha integration is fully functional and secure.
Go to the web page where the widget is embedded.
Request a puzzle for the form to be tested. (With the default settings you just have to start filling out the form.)
Then go to the Friendly Captcha widget in the source code of your page. Therefore, make a right click on the Friendly Captcha widget and select "Inspect Element".
Look for the input tag containing name="frc-captcha-solution" for v1 of Friendly Captcha. In v2 of Friendly Captcha the input tag has the attribute name="frc-captcha-response.
Manually change or delete some characters of the value of the input tag.
Submit the form to be tested.
The form can not be sent and you get the feedback that something went wrong with the captcha. This should be the case if implemented correctly.
The form can be sent and the request is delivered to you. This should not happen, an integration bug seems to have been made.
If the form was sent despite the manipulation of the tag, you should check how you verify the solution. Please refer to our documentation for v1 or accordingly documentation for v2.
Go to the web page where the widget is embedded.
Request a puzzle for the form to be tested. (With the default settings you just have to start filling out the form.)
Then go to the Friendly Captcha widget in the source code of your page. Therefore, make a right click on the Friendly Captcha widget and select "Inspect Element".
Look for the input tag containing name="frc-captcha-solution" for v1 of Friendly Captcha. In v2 of Friendly Captcha the input tag has the attribute name="frc-captcha-response.
Manually delete the value of the tag.
Submit the form to be tested.
The form can not be sent and you get the feedback that something went wrong with the captcha. This should be the case if implemented correctly.
The form can be sent and the request is delivered to you. This should not happen, an integration bug seems to have been made.
If the form was sent despite the manipulation of the tag, you should check how you verify the solution. Please refer to our documentation for v1 or accordingly documentation for v2.
Go to the web page where the widget is embedded.
Go to the development settings of your browser and disable JavaScript there.
Reload the page.
Try to submit the form to be tested with JavaScript disabled.
The form can not be sent and you get the feedback that something went wrong with the captcha. This should be the case if implemented correctly.
The form can be sent and the request is delivered to you. This should not happen, an integration bug seems to have been made.
If the form was sent despite JavaScript being disabled, you should check the handling of the <noscript> tag as well as your backend verification logic. This is described in our documentation for v1 and accordingly in the documentation for v2.
Quick reminder: Make sure to re-enable JavaScript in your browser after the test.
Check What Happens if the Solution of the Puzzle Is Wrong
Go to the web page where the widget is embedded.
Request a puzzle for the form to be tested. (With the default settings you just have to start filling out the form.)
Then go to the Friendly Captcha widget in the source code of your page. Therefore, make a right click on the Friendly Captcha widget and select "Inspect Element".
Look for the input tag containing name="frc-captcha-solution" for v1 of Friendly Captcha. In v2 of Friendly Captcha the input tag has the attribute name="frc-captcha-response.
Manually change or delete some characters of the value of the input tag.
Submit the form to be tested.
Two things can happen:
The form can not be sent and you get the feedback that something went wrong with the captcha. This should be the case if implemented correctly.
The form can be sent and the request is delivered to you. This should not happen, an integration bug seems to have been made.
If the form was sent despite the manipulation of the tag, you should check how you verify the solution. Please refer to our documentation for v1 or accordingly documentation for v2.
Check What Happens if the Solution of the Puzzle Is Empty
Go to the web page where the widget is embedded.
Request a puzzle for the form to be tested. (With the default settings you just have to start filling out the form.)
Then go to the Friendly Captcha widget in the source code of your page. Therefore, make a right click on the Friendly Captcha widget and select "Inspect Element".
Look for the input tag containing name="frc-captcha-solution" for v1 of Friendly Captcha. In v2 of Friendly Captcha the input tag has the attribute name="frc-captcha-response.
Manually delete the value of the tag.
Submit the form to be tested.
Two things can happen:
The form can not be sent and you get the feedback that something went wrong with the captcha. This should be the case if implemented correctly.
The form can be sent and the request is delivered to you. This should not happen, an integration bug seems to have been made.
If the form was sent despite the manipulation of the tag, you should check how you verify the solution. Please refer to our documentation for v1 or accordingly documentation for v2.
Check if the Form Can Be Sent Without JavaScript
Go to the web page where the widget is embedded.
Go to the development settings of your browser and disable JavaScript there.
Reload the page.
Try to submit the form to be tested with JavaScript disabled.
Two things can happen:
The form can not be sent and you get the feedback that something went wrong with the captcha. This should be the case if implemented correctly.
The form can be sent and the request is delivered to you. This should not happen, an integration bug seems to have been made.
If the form was sent despite JavaScript being disabled, you should check the handling of the <noscript> tag as well as your backend verification logic. This is described in our documentation for v1 and accordingly in the documentation for v2.
Quick reminder: Make sure to re-enable JavaScript in your browser after the test.
Updated on: 10/12/2024
Thank you!