Summary
The ConfirmEdit (CAPTCHA extension) hCaptcha VisualEditor plugin works by listening for when the edit fails because hCaptcha is needed. We should make it possible, like in the normal wikitext editor, to display the captcha before the first submission.
Background
- ConfirmEdit (CAPTCHA extension) has a hCaptcha VisualEditor plugin that handles displaying the hCaptcha challenge in the edit summary window
- This is displayed if the visualeditoredit fails with a captcha requirement being hcaptcha
- Therefore, the user will have to press "Save changes", then complete hCaptcha, and then press "Save changes" again
- This is not an ideal user flow, because it means that the user needs to submit the edit multiple times
- Additionally, when using invisible mode this brings in additional complication where there will be no UI element for the user to interact with
- In the current flow, this means that the user will neither see the hCaptcha privacy policy notice before their first "Save changes" submission and will also not see what went wrong when they press "Save changes" the second time
- This is the flow used by other captcha types, so we cannot likely copy code from somewhere else to solve this
- Additionally, when using invisible mode this brings in additional complication where there will be no UI element for the user to interact with
- We should make it so that preferably hCaptcha is displayed before the user presses "Save changes" the first time, like it is done for the wikitext editor
- This will help address the invisible mode problems, as the privacy policy will be displayed from the first submission
- We will still need to address invisible mode problems when the captcha is requested because of the content of the edit, as we will need to get the user to agree read the privacy policy text during that process
- Additionally, we may be able to load the hCaptcha API before the user even presses "Save changes" the first time so that we do not slow down the editing flow
- This will help address the invisible mode problems, as the privacy policy will be displayed from the first submission
User story
As a user who is completing an edit using VisualEditor:
- I open the "edit" page and start my edit
- I press "Save changes"
- The edit does not go through and I see a hCaptcha challenge (or may not if in invisible mode)
- I complete the challenge, either by pressing the checkbox shown by hCaptcha or doing something else if in invisible mode
- I press "Save changes" again to actually complete my edit
As a user, I would have wanted to avoid the second step as I may decide to not complete my edit if I had been asked to complete hCaptcha after I had already submitted my changes
Specification
TBD
Technical notes
- We will need to think about how invisible mode works when we cannot show the user the hCaptcha privacy policy text the first time round (such as when AbuseFilter requires a captcha be completed)
- This cannot just be adding the privacy policy text in to the form because it will not be clear enough to the user and it is likely they will think this was a bug
Acceptance criteria
- A user does not have to press "Save changes" twice to complete a VisualEditor edit using hCaptcha
- When using invisible mode and the captcha is required based on the content of the edit, some UI is implemented that flags the privacy policy clearly to the user so that they do not miss it when submitting their edit again