Typo3: 12.4.6
Php: 8.1

Sitekey and Secret Key insterted correctly but there is an Error establishing the Connection:

Verification failed
Connection problem with https://eu-api.friendlycaptcha.eu/api/v1/siteverify

For PHP 8+ passing null to trim and other core functions is deprecated. simple solution would be the usage of the Null Coalescing Operator:

    /**
     * Validate reCAPTCHA challenge/response
     *
     * @return array Array with verified- (boolean) and error-code (string)
     */
    public function validateReCaptcha(): array
    {
        if (!$this->getShowCaptcha()) {
            return [
                'verified' => true,
                'error' => ''
            ];
        }

        $solution = trim(GeneralUtility::_GP('frc-captcha-solution') ?? '');

        $request = [
            'site_key' => $this->configuration['public_key'] ?? '',
            'secreat_key' => $this->configuration['secret_key'] ?? '',
            'response' => $solution,
            'remoteip' => GeneralUtility::getIndpEnv('REMOTE_ADDR'),
            'eu' => $this->configuration['eu'] ?? '',
            'enablepuzzle' => $this->configuration['enablepuzzle'] ?? ''
        ];
        if ($solution == '.UNSTARTED' || $solution == '.UNFINISHED' || $solution == '.FETCHING') {
            $request['response'] = '';
        }
        $result = ['verified' => false, 'error' => ''];
        if (empty($request['response'])) {
            $result['error'] = 'missing-input-response';
        }

        // Server Side Velidation
        $response = $this->queryVerificationServer($request);
        if ($response['success']) {
            $result['verified'] = true;
        } else {
            if (isset($response['error-codes'])) {
                $result['error'] = $response['error-codes'];
            }
            if (isset($response['errors'])) {
                $result['error'] = 'missing-input-response';
            }
        }
        return $result;
    }

can you fix this?

Dear Team NITSAN,

I think the verification URL for the EU endpoint is wrong. Should be
$verifyServerInfo = 'https://eu-api.friendlycaptcha.eu/api/v1/siteverify';

but is:
$verifyServerInfo = 'https://eu-api.friendlycaptcha.eu/api/v1/puzzle';

Best regards

Originally posted by @benedikt-dreier in #7 (comment)

With ebc1ad6#diff-5e15ae082e9095bfca62c8b83a7a2cdbcf8e5ac4c750ab8c832aa12cce7d7a74R14 you disable CSP for front- and backend.

This

1. causes confusion until we figured out why enabling CSP via additional.php does not work
2. is in generall only a work-around and not a solution

Maybe you already tried to find a solution for this but failed within your time-constraints.

We will try to come up with suggestions as soon as we have some working ideas on our side.

When robotMode set to 0 in typoscript its not added to the configuration array.

When robotMode set to 1 there is no issue.

Core: Error handler (FE): PHP Warning: Undefined array key "robotMode" in /var/www/html/typo3conf/ext/ns_friendlycaptcha/Classes/Services/CaptchaService.php line 97

TYPO3 11.5.25- php 8.0

System Environment
TYPO3 9.5.8 and PHP 7.2.34.

syntax error, unexpected 'CaptchaService' (T_STRING), expecting function (T_FUNCTION) or const (T_CONST)

in /var/www/vhosts/wwjacob.de/httpdocs/websites/www/htdocs/typo3conf/ext/ns_friendlycaptcha/Classes/ViewHelpers/Form/RecaptchaViewHelper.php line 10
use TYPO3\CMS\Fluid\ViewHelpers\Form\AbstractFormFieldViewHelper;

class RecaptchaViewHelper extends AbstractFormFieldViewHelper
{
protected CaptchaService $captchaService;

public function __construct(CaptchaService $captchaService)
{
$this->captchaService = $captchaService;

There is just one feature of Friendly Captcha I am missing in the extension. It is possible to define a EU endpoint for the frontend and also for backend verification. The reason is data privacy / GDPR. The documentation can be found here: https://docs.friendlycaptcha.com/#/eu_endpoint

Is it possible to include this in the extension as a possibility to activate the EU endpoint?

The Friendly Captcha solution is supposed to be checked against the Friendly Captcha server. The reason is that an automated script or a bot could forge the captcha solution and try to impersonate a human being. As far as I can tell, the way you've implemented the captcha it is never checked for being a correct captcha solution and therefore any spam-bot can still use the form. But this is the only reason for using a captcha.

Considering your request "Verifying the CAPTCHA solution on server." according to their official documentation
https://docs.friendlycaptcha.com/#/installation?id=_3-verifying-the-captcha-solution-on-the-server