[英]How do I display Google reCAPTCHA v2 in a Chrome Extension browser action?
I'm building a Chrome Extension that interacts with an API that I wish to protect using Google recatcha, as I'm intending for it to be used beyond just the Chrome Extension. 我正在构建一个与我希望使用Google Recatcha保护的API进行交互的Chrome扩展程序,因为我打算在Chrome扩展程序之外使用它。 The API side is working, correctly verifying a recaptcha response with Google, however, displaying the recatcha widget inside the extension's browser action window is resulting in the following javascript error: API方面正在运行,正确验证Google的重新回复响应,但是,在扩展程序的浏览器操作窗口中显示recatcha小部件会导致以下javascript错误:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('chrome-extension://pjhcgfibbbmibojnlkgjejaojpokgldl:80') does not match the recipient window's origin ('chrome-extension://pjhcgfibbbmibojnlkgjejaojpokgldl').
which is generated in recaptcha_en.js
at the line: 这是在recaptcha_en.js
中生成的:
(a.window || ne(a.Tg)).postMessage(JSON.stringify({
message: c || null ,
messageType: b
}), Zj(a.path));
The problem seems to be that the value of a.path
is chrome-extension://pjhcgfibbbmibojnlkgjejaojpokgldl:80
but I don't know how I can affect this value. 问题似乎是a.path
的值是chrome-extension://pjhcgfibbbmibojnlkgjejaojpokgldl:80
但我不知道如何影响这个值。
The result of this error is that the recaptcha widget displays a message saying: 此错误的结果是recaptcha小部件显示一条消息:
Please upgrade to a supported browser to get a reCAPTCHA challenge. 请升级到支持的浏览器以获取reCAPTCHA质询。
I'm displaying the widget via the auto render method , but have also tried the explicit method which results in the same error. 我通过自动渲染方法显示小部件,但也尝试了显式方法 ,导致相同的错误。 For info, I'm using the following content_security_policy
: 有关信息,我使用以下content_security_policy
:
script-src 'self' https://*.google.com https://*.gstatic.com; object-src 'self'
Is there any way I can get this to work in my extension? 有什么方法可以让我在我的扩展中工作吗? And if not, what is the best alternative method for integrating recaptcha? 如果没有,整合recaptcha的最佳替代方法是什么?
In recaptcha v3 在recaptcha v3
manifest.json "content_security_policy": "script-src 'self' https:// .google.com https:// .gstatic.com; object-src 'self'" manifest.json“content_security_policy”:“script-src'self'https:// .google.com https:// .gstatic.com; object-src'self'”
ADD CHROME EXTENCION ID TO ALLOWED DOMAINS IN RECAPTCHA ADMIN CONSOLE 在RECAPTCHA ADMIN CONSOLE中添加CHROME EXTENCION ID以允许域名
chrome-extension://aailnablglhloogfnpkgddnjjfimhhhg 镀铬的扩展:// aailnablglhloogfnpkgddnjjfimhhhg
so you just put "aailnablglhloogfnpkgddnjjfimhhhg" without chrome-extension:// 所以你只需要将“aailnablglhloogfnpkgddnjjfimhhhg”放入chrome-extension://
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.