CaptchaTool

A lightweight, secure CAPTCHA widget for any website.

Quick Start

To get started, add the following to your HTML:

<script src="https://captchatool.com/captcha-widget.min.js" defer></script>
        <div data-captcha></div>

Additionally, make sure to include the required hidden fields to ensure full protection:

• <input type="hidden" name="captchaId" /> – Captcha session ID
• <input type="hidden" name="validatedCaptcha" /> – Stores the validation token after solving
• <input type="hidden" name="botCheck" autocomplete="off" /> – Honeypot field to catch basic bots

Include these fields inside your form to enable server-side validation and bot protection.

Server-side Validation

On form submit, verify server-side by checking validatedCaptcha:

• PHP
• Node.js
• Python (Flask)
• Java (Spring Boot)
• Go
• Rust (Axum)
• Ruby (Rails)
• C# (.NET Core)

if (empty($_POST['validatedCaptcha'])) {
      exit('CAPTCHA failed or not completed.');
    }

if (!req.body.validatedCaptcha) {
      return res.status(400).send('CAPTCHA failed or not completed.');
    }

if not request.form.get('validatedCaptcha'):
        return 'CAPTCHA failed or not completed.', 400

if (validatedCaptcha == null || validatedCaptcha.isEmpty()) {
      return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("CAPTCHA failed or not completed.");
    }

if r.FormValue("validatedCaptcha") == "" {
      http.Error(w, "CAPTCHA failed or not completed.", http.StatusBadRequest)
    }

if validated_captcha.is_empty() {
      return Err((StatusCode::BAD_REQUEST, "CAPTCHA failed or not completed."));
    }

if params[:validatedCaptcha].blank?
      render plain: "CAPTCHA failed or not completed.", status: :bad_request
    end

if (string.IsNullOrWhiteSpace(Request.Form["validatedCaptcha"])) {
                return BadRequest("CAPTCHA failed or not completed.");
              }

Try It Live

API Reference

Support

Need help? Contact hello@captchatool.com