Maniphest T378188

Implement secure enclave mode for hCaptcha
Closed, ResolvedPublic
Actions

Description

Summary

Secure enclave mode exists and can be used by hCaptcha Enterprise users. We want to use this on WMF wikis.

Background

hCaptcha integration in ConfirmEdit (CAPTCHA extension) currently requires loading the JS API in the head element
We can use the secure enclave method only possible for hCaptcha Enterprise users which can allow us to defer this and provide better privacy
We cannot detail much more about this because it's documentation is private
- Users who can access it can see it at https://docs.hcaptcha.com/enterprise/secure_enclave

Acceptance criteria

Secure enclave mode is available in ConfirmEdit (CAPTCHA extension) hCaptcha integration
Only a single <iframe> element is added

Details

Related Changes in Gerrit:

Subject	Repo	Branch	Lines +/-
hCaptcha: Fix secure enclave implementation	mediawiki/extensions/ConfirmEdit	master	+25 -15
hcaptcha: eschew newassets, use js instead	operations/puppet	production	+1 -1
hCaptcha: Fix secure enclave implementation	mediawiki/extensions/ConfirmEdit	wmf/1.45.0-wmf.17	+25 -15
hCaptcha: Implement secure enclave mode	mediawiki/extensions/ConfirmEdit	master	+160 -33
HCaptchaOutput: HTML escape the hCaptcha API URL	mediawiki/extensions/ConfirmEdit	master	+5 -2
Create HCaptchaOutput service	mediawiki/extensions/ConfirmEdit	master	+194 -58
Start on tests for HCaptcha	mediawiki/extensions/ConfirmEdit	master	+232 -3

Customize query in gerrit

Related Objects

Mentioned In: T405585: hCaptcha: Fix secure enclave loading in VisualEditor
T398204: hCaptcha ResourceLoader module: Use ResourceLoader config instead of addJsConfigVars
T394874: hCaptcha passive mode display text
Mentioned Here: T405585: hCaptcha: Fix secure enclave loading in VisualEditor
T403829: hCaptcha: Self-host secure-api.js code in /static directory
T250227: Investigate and evaluate hCaptcha to replace Wikimedia's Fancy Captcha
T289607: <Security Initiative> Improving Captcha

Event Timeline

Reedy created this task.Oct 25 2024, 2:42 PM

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptOct 25 2024, 2:42 PM

Reedy moved this task from Backlog to Feature Requests/Improvements on the ConfirmEdit (CAPTCHA extension) board.Oct 25 2024, 2:54 PM

Reedy added a project: Bot detection and mitigation.Dec 13 2024, 2:32 PM

Reedy moved this task from Backlog to WE4.2 hCaptcha account creation trial on the Bot detection and mitigation board.Mar 12 2025, 4:08 PM

Reedy edited projects, added: Bot detection and mitigation (WE4.2 hCaptcha account creation trial); removed: Bot detection and mitigation.

Change #1128882 had a related patch set uploaded (by Reedy; author: Reedy):

[mediawiki/extensions/ConfirmEdit@master] WIP: hCaptcha: Implement secure enclave mode

https://gerrit.wikimedia.org/r/1128882

gerritbot added a project: Patch-For-Review.Mar 18 2025, 2:49 PM

• acooper changed the task status from Open to In Progress.Mar 21 2025, 2:35 PM

• acooper triaged this task as High priority.

kostajh assigned this task to Reedy.Mar 24 2025, 11:44 AM

kostajh moved this task from Backlog to In progress on the Bot detection and mitigation (WE4.2 hCaptcha account creation trial) board.

Reedy mentioned this in T394874: hCaptcha passive mode display text.May 23 2025, 6:51 PM

Change #1163870 had a related patch set uploaded (by Dreamy Jazz; author: Dreamy Jazz):

[mediawiki/extensions/ConfirmEdit@master] Create HCaptchaOutput service

https://gerrit.wikimedia.org/r/1163870

Change #1164138 had a related patch set uploaded (by Dreamy Jazz; author: Dreamy Jazz):

[mediawiki/extensions/ConfirmEdit@master] HCaptchaOutput: HTML escape the hCaptcha API URL

https://gerrit.wikimedia.org/r/1164138

Dreamy_Jazz added a project: Trust and Safety Product Sprint (Sprint Baklava (June 16 - July 4)).Jun 26 2025, 11:04 AM

Dreamy_Jazz updated Other Assignee, added: Dreamy_Jazz.

Change #1163863 had a related patch set uploaded (by Dreamy Jazz; author: Dreamy Jazz):

[mediawiki/extensions/ConfirmEdit@master] Start on tests for HCaptcha.php

https://gerrit.wikimedia.org/r/1163863

Dreamy_Jazz moved this task from Priority Backlog to Needs Review on the Trust and Safety Product Sprint (Sprint Baklava (June 16 - July 4)) board.Jun 26 2025, 11:25 AM

Change #1163863 merged by jenkins-bot:

[mediawiki/extensions/ConfirmEdit@master] Start on tests for HCaptcha

https://gerrit.wikimedia.org/r/1163863

Change #1163870 merged by jenkins-bot:

[mediawiki/extensions/ConfirmEdit@master] Create HCaptchaOutput service

https://gerrit.wikimedia.org/r/1163870

ReleaseTaggerBot added a project: MW-1.45-notes (1.45.0-wmf.8; 2025-07-01).Jun 26 2025, 1:00 PM

Change #1164138 merged by jenkins-bot:

[mediawiki/extensions/ConfirmEdit@master] HCaptchaOutput: HTML escape the hCaptcha API URL

https://gerrit.wikimedia.org/r/1164138

Change #1128882 merged by jenkins-bot:

[mediawiki/extensions/ConfirmEdit@master] hCaptcha: Implement secure enclave mode

https://gerrit.wikimedia.org/r/1128882

Maintenance_bot removed a project: Patch-For-Review.Jun 27 2025, 12:31 PM

Dreamy_Jazz moved this task from In progress to QA on the Bot detection and mitigation (WE4.2 hCaptcha account creation trial) board.Jun 27 2025, 3:51 PM

Dreamy_Jazz moved this task from Needs Review to Needs QA on the Trust and Safety Product Sprint (Sprint Baklava (June 16 - July 4)) board.

Dreamy_Jazz updated the task description. (Show Details)Jun 27 2025, 4:49 PM

kostajh edited projects, added: Trust and Safety Product Sprint (Sprint Cannoli (July 7 - July 25)); removed: Trust and Safety Product Sprint (Sprint Baklava (June 16 - July 4)).Jul 7 2025, 9:41 AM

kostajh moved this task from Priority Backlog to Needs QA on the Trust and Safety Product Sprint (Sprint Cannoli (July 7 - July 25)) board.

Dreamy_Jazz mentioned this in T398204: hCaptcha ResourceLoader module: Use ResourceLoader config instead of addJsConfigVars.Jul 9 2025, 5:03 PM

OKryva-WMF edited projects, added: Trust and Safety Product Sprint (Sprint Rum baba (July 28 - August 15)); removed: Trust and Safety Product Sprint (Sprint Cannoli (July 7 - July 25)).Jul 25 2025, 1:55 PM

OKryva-WMF moved this task from Priority Backlog to Needs QA on the Trust and Safety Product Sprint (Sprint Rum baba (July 28 - August 15)) board.

Dreamy_Jazz moved this task from Needs QA to Done on the Trust and Safety Product Sprint (Sprint Rum baba (July 28 - August 15)) board.Jul 28 2025, 12:56 PM

As deployment to test2wiki is delayed, we should close this task and have a generic QA task once we are on test2wiki.

Change #1185080 had a related patch set uploaded (by Kosta Harlan; author: Kosta Harlan):

[mediawiki/extensions/ConfirmEdit@master] WIP: hCaptcha: Fix secure enclave implementation

https://gerrit.wikimedia.org/r/1185080

gerritbot added a project: Patch-For-Review.Sep 5 2025, 12:41 PM

kostajh reopened this task as Open.Sep 5 2025, 1:41 PM

kostajh edited projects, added: Trust and Safety Product Sprint (Sprint Princess Tarta (August 18 - September 5)); removed: Trust and Safety Product Sprint (Sprint Rum baba (July 28 - August 15)).

kostajh updated the task description. (Show Details)

Change #1185096 had a related patch set uploaded (by Dreamy Jazz; author: Kosta Harlan):

[mediawiki/extensions/ConfirmEdit@wmf/1.45.0-wmf.17] hCaptcha: Fix secure enclave implementation

https://gerrit.wikimedia.org/r/1185096

Change #1185096 merged by jenkins-bot:

[mediawiki/extensions/ConfirmEdit@wmf/1.45.0-wmf.17] hCaptcha: Fix secure enclave implementation

https://gerrit.wikimedia.org/r/1185096

Mentioned in SAL (#wikimedia-operations) [2025-09-05T15:15:04Z] <kharlan@deploy1003> Started scap sync-world: Backport for [[gerrit:1184968|hCaptcha: Update secure enclave API endpoint]], [[gerrit:1185096|hCaptcha: Fix secure enclave implementation (T378188)]]

Mentioned in SAL (#wikimedia-operations) [2025-09-05T15:42:23Z] <kharlan@deploy1003> dreamyjazz, kharlan: Backport for [[gerrit:1184968|hCaptcha: Update secure enclave API endpoint]], [[gerrit:1185096|hCaptcha: Fix secure enclave implementation (T378188)]] synced to the testservers (see https://wikitech.wikimedia.org/wiki/Mwdebug). Changes can now be verified there.

ReleaseTaggerBot edited projects, added: MW-1.45-notes (1.45.0-wmf.17; 2025-09-02); removed: MW-1.45-notes (1.45.0-wmf.8; 2025-07-01).Sep 5 2025, 4:00 PM

Mentioned in SAL (#wikimedia-operations) [2025-09-05T16:16:07Z] <kharlan@deploy1003> Finished scap sync-world: Backport for [[gerrit:1184968|hCaptcha: Update secure enclave API endpoint]], [[gerrit:1185096|hCaptcha: Fix secure enclave implementation (T378188)]] (duration: 61m 02s)

Change #1185080 merged by jenkins-bot:

[mediawiki/extensions/ConfirmEdit@master] hCaptcha: Fix secure enclave implementation

https://gerrit.wikimedia.org/r/1185080

ReleaseTaggerBot edited projects, added: MW-1.45-notes (1.45.0-wmf.18; 2025-09-09); removed: MW-1.45-notes (1.45.0-wmf.17; 2025-09-02).Sep 5 2025, 5:00 PM

Maintenance_bot removed a project: Patch-For-Review.Sep 5 2025, 5:31 PM

Change #1185175 had a related patch set uploaded (by CDanis; author: CDanis):

[operations/puppet@production] hcaptcha: eschew newassets, use js instead

https://gerrit.wikimedia.org/r/1185175

gerritbot added a project: Patch-For-Review.Sep 5 2025, 5:48 PM

Change #1185175 merged by CDanis:

[operations/puppet@production] hcaptcha: eschew newassets, use js instead

https://gerrit.wikimedia.org/r/1185175

Maintenance_bot removed a project: Patch-For-Review.Sep 5 2025, 6:31 PM

kostajh updated the task description. (Show Details)Sep 5 2025, 8:23 PM

kostajh updated the task description. (Show Details)Sep 7 2025, 7:13 PM

The code we implemented in this task does not support loading secure-api.js in VisualEditor. Because T403829: hCaptcha: Self-host secure-api.js code in /static directory proposes some changes to how we're loading secure-api.js, I'd suggest we complete this task after we're finished with T403829: hCaptcha: Self-host secure-api.js code in /static directory.

kostajh removed Reedy as the assignee of this task.Sep 7 2025, 7:32 PM

kostajh updated Other Assignee, removed: Dreamy_Jazz.

kostajh updated the task description. (Show Details)

kostajh claimed this task.Sep 24 2025, 11:47 AM

kostajh moved this task from QA to In progress on the Bot detection and mitigation (WE4.2 hCaptcha account creation trial) board.

kostajh changed the task status from Open to In Progress.Sep 24 2025, 11:49 AM

kostajh moved this task from Priority Backlog to In Progress on the Trust and Safety Product Sprint (Sprint Dadar Gulung (September 8 - September 26)) board.

kostajh updated the task description. (Show Details)Sep 25 2025, 1:39 PM

kostajh mentioned this in T405585: hCaptcha: Fix secure enclave loading in VisualEditor.

In T378188#11155748, @kostajh wrote:

The code we implemented in this task does not support loading secure-api.js in VisualEditor. Because T403829: hCaptcha: Self-host secure-api.js code in /static directory proposes some changes to how we're loading secure-api.js, I'd suggest we complete this task after we're finished with T403829: hCaptcha: Self-host secure-api.js code in /static directory.

Follow-up for this is in T405585: hCaptcha: Fix secure enclave loading in VisualEditor

OKryva-WMF edited projects, added: Product Safety and Integrity; removed: Trust and Safety Product Sprint (Sprint Dadar Gulung (September 8 - September 26)).Sep 29 2025, 9:07 AM

OKryva-WMF edited projects, added: Product Safety and Integrity (Sprint Apfel Strudel (Sep 29 - Oct 17)); removed: Product Safety and Integrity.Sep 29 2025, 9:11 AM

OKryva-WMF moved this task from Priority backlog to Needs review on the Product Safety and Integrity (Sprint Apfel Strudel (Sep 29 - Oct 17)) board.Sep 29 2025, 9:18 AM

OKryva-WMF moved this task from Needs review to In progress on the Product Safety and Integrity (Sprint Apfel Strudel (Sep 29 - Oct 17)) board.Sep 29 2025, 9:20 AM