Google ReCaptcha Uncaught DOMException: Blocked frame with source "https://www.google.com"
I'm not sure why this is happening, and this is not a common, common mistake:
Uncaught SecurityError: Lock source frame.
The error I am getting:
Inactive DOMException: Blocked frame with source " https://www.google.com " from accessing the cross origin frame.
I am following Google's instructions on how to enable ReCaptcha, but it doesn't work for me!
// top of the page
<script src="https://www.google.com/recaptcha/api.js" async defer></script>
// then somewhere in the bottom
<div class="g-recaptcha" data-sitekey="@Model.Register.CaptchaSiteKey"></div>
My is being CaptchaSiteKey
loaded (I've debugged and tested).
source to share
Same origin policy is an important concept in the web application security model. According to the policy, the web browser allows scripts contained on the first web page to access the data on the second web page, but only if both web pages have the same origin. Origin is defined as a combination of a URI scheme, hostname, and port number. This policy prevents a malicious script on one page from hitting sensitive data on another web page through that page. Document object Model.
In other words: recaptcha
is a remote script resource and for security concerns your web server does not allow external resource code to be used.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
To allow any resource to access your resource, you can specify:
Access-Control-Allow-Origin: *
To allow https://www.google.com to access your resource, you can specify:
Access-Control-Allow-Origin: https://www.google.com
source to share
As explained in the answer here at fooobar.com/questions/2405306 / ... change all the http (s) protocols in your page to //
eg.
<script src="http://example1.com"></script> => <script src="//example1.com"></script>
<link href="https://example2.com" /> => <link href="//example2.com />
This resolved it for me.
Note. Don't forget to clear your cache afterwards.
source to share