Page MenuHomePhabricator
Create Task
Maniphest T377341

hCaptcha: Log results returned from backend API
Closed, ResolvedPublic
Actions

Description

May be some useful datapoints in the JSON blob returned by the request to https://hcaptcha.com/siteverify

https://docs.hcaptcha.com/#verify-the-user-response-server-side

{
   "success": true|false,     // is the passcode valid, and does it meet security criteria you specified, e.g. sitekey?
   "challenge_ts": timestamp, // timestamp of the challenge (ISO format yyyy-MM-dd'T'HH:mm:ssZZ)
   "hostname": string,        // the hostname of the site where the challenge was passed
   "credit": true|false,      // optional: deprecated field
   "error-codes": [...]       // optional: any error codes
   "score": float,            // ENTERPRISE feature: a score denoting malicious activity.
   "score_reason": [...]      // ENTERPRISE feature: reason(s) for score.
}

Specifically, that score and score_reason...

Details

SubjectRepoBranchLines +/-
hCaptcha: Extra logging for captcha solvemediawiki/extensions/ConfirmEditmaster+27 -10
Customize query in gerrit

Related Objects

Event Timeline

Reedy created this task.Oct 16 2024, 3:01 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptOct 16 2024, 3:02 PM
Reedy triaged this task as Low priority.Oct 16 2024, 3:02 PM
Reedy updated the task description. (Show Details)
Reedy updated the task description. (Show Details)Oct 16 2024, 3:04 PM
Reedy moved this task from Backlog to Feature Requests/Improvements on the ConfirmEdit (CAPTCHA extension) board.Oct 24 2024, 1:21 AM
gerritbot added a comment.Oct 25 2024, 4:40 PM

Change #1083206 had a related patch set uploaded (by Reedy; author: Reedy):

[mediawiki/extensions/ConfirmEdit@master] hCaptcha: Extra logging for captcha solve

https://gerrit.wikimedia.org/r/1083206

gerritbot added a project: Patch-For-Review.Oct 25 2024, 4:40 PM
Reedy mentioned this in T379172: Be able to pass captcha scoring from backend API to AbuseFilter for evaluation.Nov 6 2024, 4:24 PM
Reedy mentioned this in T379177: hCaptcha: Work out how to use returned score rather than just if the captcha was solved.Nov 6 2024, 5:04 PM
Reedy mentioned this in T379179: Send captcha API response data to event logging.Nov 6 2024, 5:23 PM
gerritbot added a comment.Nov 6 2024, 10:22 PM

Change #1083206 merged by jenkins-bot:

[mediawiki/extensions/ConfirmEdit@master] hCaptcha: Extra logging for captcha solve

https://gerrit.wikimedia.org/r/1083206

Maintenance_bot removed a project: Patch-For-Review.Nov 6 2024, 10:30 PM
Reedy closed this task as Resolved.Nov 6 2024, 10:48 PM
Reedy claimed this task.
ReleaseTaggerBot added a project: MW-1.44-notes (1.44.0-wmf.3; 2024-11-12).Nov 6 2024, 11:00 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits