0

I'm trying to implement hCaptcha in my codeigniter 3 website however whenever I submit the form an error pops up which is "Indicate whether to send a cookie in a cross-site request by specifying its SameSite attribute".

public function appointment()
    {

        if (isset($_POST['submit'])) {
            $data = array(
                'secret' => "MYSECRETKEY",
                'response' => $_POST['h-captcha-response']
            );
            $ch = curl_init();
            curl_setopt($ch, CURLOPT_URL, "https://hcaptcha.com/siteverify");
            curl_setopt($ch, CURLOPT_POST, true);
            curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data));
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
            $response = curl_exec($ch);
            $responseData = json_decode($response);
            if ($responseData->success) {
                $this->Appointment_model->create();
            } else {
                echo 'Robot verification failed, please try again.';
            }
        }
    }

I tried setting the header to SameSite=None, Secured but it did not work. How to I solve this problem?

Amben Uchiha
  • 431
  • 2
  • 10
  • The PHP code posted looks fine. That error message is a cross site scripting message, so I would assume it's how the site is making the request. ie the form is being submitted to a different domain. Where do you see that issue? Is it in the WebDev console? Or is hcaptcha.com returning that? – Marshall C Jun 03 '22 at 14:53
  • @MarshallC its requesting to an hCaptcha url and returning a 403 response I guess this is a problem for local development? – Amben Uchiha Jun 03 '22 at 15:04
  • 1
    Are you using localhost? That might be the issue : https://docs.hcaptcha.com/#local-development – Marshall C Jun 03 '22 at 15:18
  • @MarshallC Damn!!! I missed this part. Thanks a lot!!! – Amben Uchiha Jun 03 '22 at 15:26

0 Answers0