recaptcha reCAPTCHA v3 is loading unnecessary fonts

Hi,

Per the reCAPTCHA V3 documentation we are allowed to hide the badge:

https://developers.google.com/recaptcha/docs/faq#id-like-to-hide-the-recaptcha-badge.-what-is-allowed

However, hiding the badge does not prevent the two fonts used on the badge from downloading. reCAPTCHA V3 downloads two fonts each about 10KB, so that's 20KB of unnecessary data being loaded each time.

We cannot block the request because the CSS is inside the iFrame.

Is it possible to provide a configuration option that will disable the font, or maybe disable the badge altogether?

May 09 '20 01:05 galford-tillster

I have the same issue plus google pagespeed insights thinks the text is not visible while loading these fonts.

Jun 28 '20 21:06 shirnschall

I have the same issue because recaptcha loading that roboto font and google pagespeed insights consider it while analyzing

Feb 22 '21 09:02 khanakia

Same problem here:

Mar 10 '21 12:03 levipadre

Same problem. Anybody solved this?

Apr 12 '21 10:04 lea-pw

Same!

Jun 04 '21 00:06 joaquinvexels

Same problem here.

Aug 17 '21 05:08 swaranan

Same problem here. Any solutions?

Sep 03 '21 10:09 federer11

Also interested in resolution for this.

Sep 26 '21 18:09 Nincha

Classic Google, be the cause of the problem while also dinging us for having a problem.

My site uses Roboto as the fonts already and I host them myself. Now the script goes and downloads another copy of them from Google fonts. Fantastic.

Dec 12 '21 22:12 quadcom

Same problem. Hope a option to disable font loading.

Dec 23 '21 14:12 emendo-web

Hi All,

Simply add this to your head and then Google Pagespeed will not complaint

<link rel="preconnect" href="https://fonts.gstatic.com/" crossorigin>

Dec 23 '21 16:12 khanakia

Same problem here.

Mar 23 '22 00:03 ansmlc

Same problem. Any solutions?

Mar 29 '22 09:03 novvac

Same problem. Any solutions?

@khanakia Just use preconnect event google fonts itself suggesting this.

Mar 29 '22 11:03 khanakia

Same problem. Any solutions?

@khanakia Just use preconnect event google fonts itself suggesting this.

That doesn’t solve the invisible font issue as shown by @levipadre

Or the fact fonts are still being requested even when they are already self-hosted.

Mar 30 '22 23:03 ansmlc

I am facing the same problem in reCAPTCHA v2. Google Fonts are always loaded from fonts.gstatic.com. I want them to be loaded from my server.

After taking a look into it, the font-face's are loaded from the inline styles (inside https://www.google.com/recaptcha/api2/anchor).

/* inside the inline styles */

/* cyrillic-ext */
--
  | @font-face {
  | font-family: 'Roboto';
  | font-style: normal;
  | font-weight: 400;
  | src: url(//fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu72xKKTU1Kvnz.woff2) format('woff2');
  | unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;
  | }

Changing the theme parameter to dark or light mode still loads the fonts. There is not any setting in the documentation to switch of the font or CSS.

Is there a way to remove these inline styles?

Apr 15 '22 09:04 steve-buri

Wow it is almost 2 years since this issue was reported, and still google report this error in pagespeed, no way to disable or recaptcha developers should have added display:swap parameter so it is not issue anymore in pagespeed.

May 13 '22 11:05 mohsinr

Plus there was a lawsuit in Germany that makes it potentially illegal to load fonts from google servers. Which in turn makes it illegal to use recaptcha now?!

Jun 16 '22 02:06 gnaaromat

any google person here? Cant be that hard to remove the unnecessary font loading from css?! Or make it even optional.

EDIT: At the moment the only option is to get rid of recaptcha :(

Jul 12 '22 13:07 alorbach

Plus there was a lawsuit in Germany that makes it potentially illegal to load fonts from google servers. Which in turn makes it illegal to use recaptcha now?!

Yes. Seems a bit difficult at the moment. Article (in german): https://www.golem.de/news/google-fonts-abmahnungen-an-webseitenbetreiber-mit-google-schriftarten-2208-167472.html

Aug 10 '22 09:08 nessor

Same problem here.

Sep 13 '22 16:09 seanconklin

Same, that font is useless, there should be a way to remove or edit that css.

Sep 27 '22 08:09 websuits

Same here, we already received complaints. Is there no way to remove that font?

Oct 04 '22 12:10 23tux

Same problem here we need to change the captcha solution for our customers because of that.

Oct 04 '22 16:10 iMartn

Implemented workaround preventing the initial load and then added a mouse move event to load the iframe, works well for page speed.

Oct 04 '22 16:10 websuits

@rowan-m you tagged this almost 30 months ago, do you have any progress to share?

Oct 05 '22 06:10 NiklasBr

Within 2 1/2 years, it went from @galford-tillster's original "20KB of unnecessary data being loaded each time" to legal actions being taken against companies in Germany

Oct 05 '22 07:10 23tux

Common Google cant be that hard to come up with a solution?!

Oct 05 '22 10:10 alorbach

Note: It should be possible to block this via the "Content Security Policy": https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/font-src

Oct 06 '22 07:10 sfritzsche

@sfritzsche I'm not sure if this is right, because the font is loaded from within an iFrame that is rendered by reCaptcha, and you can't set a header for that AFAIK. Have you tried this, if it really works?

Oct 06 '22 08:10 23tux

recaptcha recaptcha copied to clipboard

reCAPTCHA v3 is loading unnecessary fonts

recaptcha
recaptcha copied to clipboard