reCAPTCHA

8.16.0.1

reCAPTCHA🔗ℹ

Philip McGrath <philip at philipmcgrath dot com>

This library provides utilities for using reCAPTCHA with the web-server/formlets API. It currently supports reCAPTCHA v2 (the “no CAPTCHA reCAPTCHA”).

To actually use reCAPTCHA, you will need to register to obtain a site key and a secret key for your domain. This library supports testing use without registration and behaves gracefully if reCAPTCHA is disabled.

procedure
(recaptcha-formlet
[ #:theme theme
#:type type
#:size size
#:tabindex tabindex
#:network-error-result network-error-result])
→
(and/c (formlet/c (or/c #t #f 'disabled 'network-error))
       serializable?)
  theme : (or/c #f "light" "dark") = #f
  type : (or/c #f "image" "audio") = #f
  size : (or/c #f "normal" "compact") = #f
  tabindex : (or/c #f exact-integer?) = #f
   network-error-result : (or/c #t #f 'disabled 'network-error)
= #f

Creates a formlet that embeds a reCAPTCHA widget. The resulting formlet will use the credentials specified by current-recaptcha-site-key and current-recaptcha-secret-key for validation. When (use-recaptcha?) returns #f, the formlet will not render anything.

The formlet’s processing stage will return #t if the response is validated successfully, #f if validation fails, 'disabled when (use-recaptcha?) returns #f, and network-error-result if an exn:fail:network is raised while trying to validate the response.

The theme, type, size, and tabindex arguments attach optional attributes to the widget, the meaning of which is specified in the reCAPTCHA documentation. If an argument is #f, the corresponding attribute is not included.

Formlets created by recaptcha-formlet are serializable?, facilitating use with stateless #lang web-server servlets.

Changed in version 0.1 of package recaptcha: Added serialization support in coordination with changes to web-server/formlets in the Racket 6.11 release.

1 Credentials🔗ℹ

(require recaptcha/keys)

package: recaptcha

The bindings documented in this section are re-exported by recaptcha, but recaptcha/keys may be required directly for fewer dependencies.

parameter
(current-recaptcha-site-key) → (or/c #f string?)
(current-recaptcha-site-key maybe-site-key) → void?
maybe-site-key : (or/c #f string?)
= recaptcha-testing-site-key
parameter
(current-recaptcha-secret-key) → (or/c #f string?)
(current-recaptcha-secret-key maybe-secret-key) → void?
maybe-secret-key : (or/c #f string?)
= recaptcha-testing-secret-key

These parameters specify the (public) site key and secret key to be used for validation. Both must be non-false for reCAPTCHA to be enabled. Furthermore, unless they are valid, registered keys used on an appropriate domain, validation should fail.

procedure
(use-recaptcha?) → any/c

Equivalent to

(and (recaptcha-testing-site-key)
(recaptcha-testing-secret-key))

value
recaptcha-testing-site-key : string?
value
recaptcha-testing-secret-key : string?

A key pair for testing use, which does not require registration.

Per the reCAPTCHA documentation, with these keys,

you will always get No CAPTCHA and all verification requests will pass … The reCAPTCHA widget will show a warning message to claim that it’s only for testing purpose[s]. Please do not use these keys for your production traffic.