I have the following code running in code injections in the site footer:
<script>
$(function() {
const captchaContainerHTML = '<div id="h-captcha" class="h-captcha" data-sitekey="sitekey"></div>';
function addHCaptcha() {
const $iframeContents = $("#ghost-portal-root").find("iframe").contents();
$iframeContents.find(".gh-portal-content.signup .gh-portal-section").prepend(captchaContainerHTML);
$iframeContents.find('#h-captcha').each(function () {
hcaptcha.render(this);
});
}
window.addEventListener('hashchange', function() {
if (location.hash.startsWith('#/portal')) {
setTimeout(addHCaptcha, 200);
}
});
setTimeout(function() {
$("#ghost-portal-root").find("iframe").contents().find('.gh-portal-triggerbtn-container').click(function() {
setTimeout(addHCaptcha, 200);
});
}, 200);
});
</script>
Obviously with sitekey being the actual site key that I have confirmed numerous times.
However, when I open up the signup form it states:
ERROR for site owner: Invalid site key
Further, when I instead place the hCaptcha in the footer of the entire page, it works fine, which makes me think it is due to the fact that the signup form is an IFrame and there is something like a CORS issue preventing the hCaptcha from loading.
Has anyone got this sort of thing working or would be able to help me out?