CAPTCHA Alternative

2013-11-05

I got fed up today trying to deal with CAPTCHAs. I've had this idea for a long time that since bots (apparently) don't execute (or examine?) Javascript, you could simply replace the CAPTCHA with a JS form enabler and the user would have to do nothing (except have Javascript enabled).

I have two different ideas:

  1. Have the JS populate a required hidden field in the form.
  2. Have the JS populate the form action to the "real" form handler.

Option 1

The (example) form:

<noscript><p class="alert">You will need to enable Javascript to submit this form.</p></noscript> <form action="" method="post"> <label>Email</label> <input id="form-email" type="text" name="email" /> <input type="submit" value="Submit" /> </form>

The (example) Javascript (jQuery):

<script> $(function() { $('#form-email').after('<input type="hidden" name="human_9237684tyrfn768934gn" value="1" />'); }); </script>

Then check for existence of POST var "human_9237684tyrfn768934gn" (or whatever you decide to name the field). You should only need to check for the existence of the field. Checking the value may cause you trouble if you name the field something common that could be populated by auto-fill.


Option 2

The (example) form:

<noscript><p class="alert">You will need to enable Javascript to submit this form.</p></noscript> <form id="form-email" action="and_she_whus_like_therce_no_whey.php" method="post"> <label>Email</label> <input type="text" name="email" /> <input type="submit" value="Submit" /> </form>

The (example) Javascript (jQuery):

<script> $(function() { $('#form-email').attr('action', 'process.php'); }); </script>

The fake script would simply display a "Thank You/Success" message. :P