• Resolved Tim

    (@demo88)


    Please mention in your readme that this is not a real captcha, since only client side validation is performed and that the whole captcha can be circumvented by using a simple curl request.

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Support Giovanni De Luca

    (@giovannideluca)

    Hi there,

    Thank you for your message.

    AFAIK the definition of “captcha” does not include any specific validation approach (client, server, both etc.). So I think the naming is correct.

    Regarding the curl request. Can you please provide an example?

    Best regards

    Thread Starter Tim

    (@demo88)

    AFAIK the definition of “captcha” does not include any specific validation approach

    You are right, the definition is:

    a computer program or system intended to distinguish human from machine input

    Without server-side validation you can simply send a curl request with the parameter “kc_captcha” = “human” and that’s it with validation. How else do you think a bot works? By inputting the data in the browser with a keyboard?

    So no, this plugin does not distinguish between humans and bots. It just makes it harder for humans, not for bots.

    Thread Starter Tim

    (@demo88)

    Example curl request:

    curl -X POST https://example.com/contact \
    -H "Content-Type: application/x-www-form-urlencoded" \
    -d "kc_captcha=human&first_name=Test&last_name=Bot"

    No human input needed.

    Plugin Support Giovanni De Luca

    (@giovannideluca)

    Thank you for the curl request.

    I will have a look and release an update if necessary.

    Have a nice weekend.
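
What the server-side validation discussed in this thread could look like, as an added example that is not part of the thread or the plugin's code: the form carries a server-signed, single-use token, so a fixed kc_captcha=human is rejected. The kc_token field, the secret, the TTL and the in-memory nonce store are assumptions; only the kc_captcha parameter comes from the thread.

```php
<?php
// Added example; every name and value here is an assumption, not the plugin's code.
const CAPTCHA_SECRET = 'REPLACE_WITH_RANDOM_SERVER_SECRET'; // placeholder, never sent to clients
const CAPTCHA_TTL = 600; // challenge lifetime in seconds

// The check described in the thread: a constant any HTTP client can send.
function weak_check(array $post): bool {
    return ($post['kc_captcha'] ?? '') === 'human';
}

// On form render: bind the expected answer to an expiry and a one-time nonce.
// Only the token goes into the form (hypothetical field kc_token), never the answer.
function issue_token(string $answer, int $now): string {
    $expires = $now + CAPTCHA_TTL;
    $nonce = bin2hex(random_bytes(16));
    $mac = hash_hmac('sha256', "$answer|$expires|$nonce", CAPTCHA_SECRET);
    return "$expires.$nonce.$mac";
}

// On submit: recompute the MAC from the submitted answer and compare.
// $used stands in for persistent storage of spent nonces (database, cache).
function verify_submission(array $post, int $now, array &$used): bool {
    $token = $post['kc_token'] ?? '';
    $answer = $post['kc_captcha'] ?? '';
    if (!is_string($token) || !is_string($answer)) {
        return false; // array-valued parameters
    }
    $parts = explode('.', $token);
    if (count($parts) !== 3 || !ctype_digit($parts[0])) {
        return false; // missing or malformed token
    }
    [$expires, $nonce, $mac] = $parts;
    if ((int) $expires < $now || isset($used[$nonce])) {
        return false; // expired or already spent
    }
    $expected = hash_hmac('sha256', "$answer|$expires|$nonce", CAPTCHA_SECRET);
    if (!hash_equals($expected, $mac)) {
        return false; // wrong answer or forged token
    }
    $used[$nonce] = true; // one solve buys one submission
    return true;
}

// Constructed demo: the thread's curl body, then a solved challenge sent twice.
$used = [];
$now = time();
$forged = ['kc_captcha' => 'human', 'first_name' => 'Test', 'last_name' => 'Bot'];
$solved = ['kc_captcha' => '7', 'kc_token' => issue_token('7', $now)]; // '7' is a constructed answer
var_dump(weak_check($forged), verify_submission($forged, $now, $used),
    verify_submission($solved, $now, $used), verify_submission($solved, $now, $used));
```

A wrong answer does not spend the nonce here, so a deployment would also cap the number of attempts per token. The scheme only moves the decision to the server; how hard the challenge itself is for a bot is a separate question.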


The topic ‘Only client-side validation’ is closed to new replies.