susanne / hcaptcha
TYPO3 Extension to Add hCaptcha to EXT:form - The privacy friendly captcha alternative.
Requires
- php: ^7.2
- typo3/cms-core: ^10.4 | ^11.0@dev | dev-master
- typo3/cms-fluid: ^10.4 | ^11.0@dev | dev-master
- typo3/cms-form: ^10.4 | ^11.0@dev | dev-master
Requires (Dev)
- friendsofphp/php-cs-fixer: ^2.16
- helmich/typo3-typoscript-lint: ^2.3
- overtrue/phplint: ^2.0
- phpspec/prophecy-phpunit: ^2.0
- phpstan/extension-installer: ^1.0
- phpstan/phpstan: ^0.12.50
- phpunit/phpunit: ^9.4
- roave/security-advisories: dev-master
- saschaegerer/phpstan-typo3: @dev
- symfony/console: ^5.1
- symfony/yaml: ^5.1
- typo3/coding-standards: ^0.2.0
- vimeo/psalm: ^3.0 | ^4.0
Suggests
- vlucas/phpdotenv: ^2.4
This package is not auto-updated.
Last update: 2021-07-11 11:58:13 UTC
README
Provides hCaptcha integration for TYPO3 EXT:form.
hCaptcha is a free to use alternative to Google reCaptcha with a bigger focus on privacy. It supports initiatives like PrivacyPass.
For more information, see the hCaptcha website.
Additionally, hCaptcha provides earnings for solved captchas - that can be donated to the Wikimedia foundation automatically (which is the case for the default settings of this extension).
Quick Setup
hCaptcha is configured with a default key to make the setup as easy as possible. It is recommended to create a custom account for your site with hCaptcha and add your own keys.
- Install the extension and activate it
- Include the static template in TypoScript
- Add a
hCaptcha
element to a form
TypoScript Constants
Set the following constants if you are using your own account:
plugin.tx_hcaptcha {
settings {
publicKey = <your-public-key>
privateKey = <your-private-key>
}
}
Environment variables
As an alternative to the TypoScript configuration, you can also use environment variables:
HCAPTCHA_PUBLIC_KEY
HCAPTCHA_PRIVATE_KEY
Content Security Policy
If you are using CSP, make sure to adjust them accordingly:
- script-src should include
https://hcaptcha.com, https://*.hcaptcha.com
- frame-src should include
https://hcaptcha.com, https://*.hcaptcha.com
- style-src should include
https://hcaptcha.com, https://*
Privacy
Make sure to inform your users of your usage of hCaptcha and what that means - especially if you are using the invisible Enterprise version.
For more info see: https://docs.hcaptcha.com/faq
Help & Support
- Issues: https://gitlab.com/susannemoog/hcaptcha/-/issues
- Slack: #typo3-cms
Follow me on Twitter or read my blog entry about hCaptcha at susi.dev.