Netlify hosted recaptch destroy performance 🫤 Any solution?

Hi there,

I am using Netlify hosted captcha, which is very easy to setup but it destroy all the performance optimisation I done.

Also bring your own captcha have only 1 option guess what google captcha. There is no option to add hcapthc or Cloudflare captcha that I prefer more.

Now usually I show captcha conditionally such as if user click the email field show captcha A very simple line of code to load captcha conditionally.

let isCaptchaLoaded = !1;
const forms = document.getElementsByClassName("form-with-captcha");
for (form of forms)
    form.onsubmit = function(e) {
        e.preventDefault();
        let t = new FormData(form);
        ajax(form, t, cb)
    },
    form.querySelector('input[type="email"]').addEventListener("focus", () => {
        if (isCaptchaLoaded)
            return;
        isCaptchaLoaded = !0;
        const e = document.createElement("script");
        e.src = "https://js.hcaptcha.com/1/api.js",
        document.head.appendChild(e)
    });

How can I add a condition in netlify hosted captcha so it only loads when use actually click the email field instead of just loading it on each load. which is also a privacy nightmare specially in EU

Thanks!

What you’re asking is not possible at the moment.

1 Like

Hi @hrishikesh

Why not? it is very easy and important for performance. I spend hours to make website score 100 on lighthouse and this shitty captcha destroys it.

it isn’t that difficult just hold it until a field is clicked or let user bring there own captcha other then the google captcha.

In EU you need 1 out of 6 legal basis to collect data and google captcha loading by default track users and collect data. This is not just performance but also privacy nightmare forced upon netlify users.

Unfortunately I have to take my site to Cloudflare pages to avoid privacy violation and site performance decline with the limited captcha option that netlify offers :frowning_face:

Thanks

It’s an opt-in feature, you can choose to not use it if it’s not fitting your use-case or needs.

This has been requested a few times (less than 5), but based on the utterly low demands, we do not have the bandwidth to make this a priority.

Please don’t make incorrect statements. ReCaptcha is not forced. You can choose to not use it.

Hi @hrishikesh

Lets agree to disagree, if there is only 1 option to protect from spam and there is monopoly of google it is not opt-in I cannot just optout of google and opt-in to a different captcha. Even if I use bring your own captcha it still have to be google.

Again you cannot have a website form without spam protection and when you limit users to only 1 option then users are forced to use that 1 option or risk getting increased number of spam since this is the only option.

Let’s just end it here, it is disappointing that netlify limit users to only use google captcha or have no captcha.

Is there another way where I can keep hosting on netlify and use either hcaptcha or cloudlfare captcha?

Thanks

Usually, I’d have done that, but not in this case, sorry. Here’s why:

  1. Netlify Forms are an opt-in feature in itself: You can host sites on Netlify without using Netlify Forms. You specifically choose to use that feature. None of that is “forced” like you mentioned.
  2. Again, not all websites use ReCaptcha to prevet spam submission. I myself did not use ReCaptcha for my website (and I still don’t), and I don’t really receive any spam. I can agree that our experiences would differ, but your statement of “you cannot have a website without spam protection” is not true. It’s probably your specific use-case that needs spam prevention. Now, robots can even bypass ReCaptcha to some extent, so you’re never 100% safe from spam - which again raises the question whether to use ReCaptcha or not - thus, an opt-in feature.
  3. Users being forced to use the only ReCaptcha that we provide is something I can agree on - that’s the only thing you can use IF (i), you want to use Netlify Forms and (ii) you wish to implement some kind of captcha protection - again opt-in.
  4. You can continue hosting on Netlify, and use a different form service - something that might allow you to use a different captcha service.

Hi @hrishikesh

Give me 1 good reason to do this, the only reason to use netlify over Cloudflare pages for me was forms



I suppose you have a website with no traffic not the case with me need spam protection



At least something to agree upon



Again not worth hosting on netlify if I need to use form from another provider. I believe in that case without the forms Cloudflare pages is way better than netlify specially considering free analytics on cloudlfare pages.


I would rather have a solution to my issue if possible this argument is tiring :frowning: .

Thanks!

I’m sorry if Netlify doesn’t serve your use-case. Feel free to host on Cloudflare if that better matches yoour requirements.

But, if you stick to using Netlify Forms and then say we’re forcing you to use ReCaptcha, that’s an invalid statement and there’s simply no way I’d be accepting it. “Force” is simply the wrong word to use.