15-Aug-2023 02:36
I have a problem when i enable header security link article https://my.f5.com/manage/s/article/K57207881
But captcha not show
How to check this problem
Solved! Go to Solution.
21-Aug-2023 13:34 - edited 21-Aug-2023 13:35
You need then to allow google recaptcha URLs. Something like that:
if {!([HTTP::header exists "Content-Security-Policy"])} { HTTP::header insert Content-Security-Policy "default-src 'self'; script-src 'self' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self'; font-src 'self'; img-src 'self'; frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; upgrade-insecure-requests" }
Frequently Asked Questions | reCAPTCHA | Google for Developers
View solution in original post
16-Aug-2023 17:31
What exact captcha are you referring to?
What is the security headers configuration you've implemented?
16-Aug-2023 17:44
the format that i inspect png, and image broken
i removed this rule and the captcha show again, i dont know what exactly should i modify this parameter
if {!([HTTP::header exists "Content-Security-Policy"])} { HTTP::header insert Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self'; font-src 'self'; img-src 'self'; frame-src 'self'; upgrade-insecure-requests"
Thanks
18-Aug-2023 13:24
You didn't mention what kind of captcha you are using (recaptcha, hcaptcha, self made captcha ...). If this is an external service (hCaptcha, reCaptcha) you will have to tweak you rules a little bit.
20-Aug-2023 17:51
reCaptcha by google developer, i dont know how to modify irule, do you have any suggestion or reference ?
