Implementing client side CAPTCHA
I got this case when my colleague tester reported a “bug” – when they typed CAPTCHA they had to submit and wait for page to reload before they knew that captcha they entered was incorrect and they could not understand why would they need to wait for page to reload… I’ve replied explaining that this validation has to be done on server… but then I’ve realized it actually can be implemented over client side while having captcha reliable (non-easily breakable/guessable) and start searching web to see what was already done on this…
Here are several ways of implementing Captcha:
- The standard approach is to submit entered text to server and wait for server response – requires page reload – that is not interesting…
- Second thing I thought of was using AJAX request to pass entered captcha text to server, validate it over server, present server response to client, so it will be done without reloading of page. More or less same as first method, but does not require page reload which is good
But the moral of the story is – Think different!!!