Here is an excerpt from code from Google's recaptcha API (https://www.google.com/recaptcha/api.js):
/* PLEASE DO NOT COPY AND PASTE THIS CODE. */
(function() {
if (!window['___grecaptcha_cfg']) {
window['___grecaptcha_cfg'] = {};
};
if (!window['___grecaptcha_cfg']['render']) {
window['___grecaptcha_cfg']['render'] = 'onload';
};
window['__google_recaptcha_client'] = true;
var po = document.createElement('script');
po.type = 'text/javascript';
po.async = true;
po.src = 'https://www.gstatic.com/recaptcha/api2/r20160314182818/recaptcha__it.js';
var s = document.getElementsByTagName('script')[0];
s.parentNode.insertBefore(po, s);
})();
Why does Google recommend not to copying and pasting this code? Is it because they would lose tracking information?
I think that the code inserts a script on the page. To avoid another connection it would be useful to copy and paste the code directly. Is this ok?
Best Answer
Note the
po.src
line:r20160314182818
looks to be a timestamp, so in this case it's probably giving you the version that was deployed on 3/14/2016 at 6:28:18 PM.I suspect that the
it
bit means you are getting the Italian version, which means you are getting a version ofapi.js
based on your physical location. Your profile mentions you are Italian, so I taken this as confirmation.Note that when I follow the link above from California, that line looks like this:
What this means in general is that Google is deploying changes to this API very often (given that the deployed version is only nine days old) and based on the user's location. This is likely done because captchas are a direct target for reverse engineering by people looking to automate whatever process the captcha protects and because captchas may have culturally significant features.
If you copy paste this code, it means:
When using any API, it is very important to always stick to the public API and never use anything private for reasons such as this.