正在加载 reCAPTCHA
使用集合让一切井井有条
根据您的偏好保存内容并对其进行分类。
本文档介绍了加载 reCAPTCHA 脚本标记的最佳实践。
这些信息适用于 reCAPTCHA v2 和 v3。
异步加载 reCAPTCHA
所有版本的 reCAPTCHA 都可以异步加载。正在加载 reCAPTCHA
不会影响其识别可疑流量的能力。到期日
获享异步脚本的性能优势,加载 reCAPTCHA
或异步方式
<script async src="https://www.google.com/recaptcha/api.js">
异步加载 reCAPTCHA 时请注意,reCAPTCHA 不能
直到加载完成例如,以下代码可能会
断点:
<script async src="https://www.google.com/recaptcha/api.js"></script>
<script>
// If reCAPTCHA is still loading, grecaptcha will be undefined.
grecaptcha.ready(function(){
grecaptcha.render("container", {
sitekey: "ABC-123"
});
});
</script>
在某些情况下,调整脚本顺序就足以防止出现竞态
条件。或者,您可以通过将
在加载 reCAPTCHA 的页面上。如果您使用的是
grecaptcha.ready() 来封装 API 调用,请添加以下代码段以确保
以确保可以随时调用 reCAPTCHA
<script async src="https://www.google.com/recaptcha/api.js"></script>
<script>
// How this code snippet works:
// This logic overwrites the default behavior of `grecaptcha.ready()` to
// ensure that it can be safely called at any time. When `grecaptcha.ready()`
// is called before reCAPTCHA is loaded, the callback function that is passed
// by `grecaptcha.ready()` is enqueued for execution after reCAPTCHA is
// loaded.
if(typeof grecaptcha === 'undefined') {
grecaptcha = {
ready: function(cb) {
// window.__grecaptcha_cfg is a global variable that stores reCAPTCHA's
// configuration. By default, any functions listed in its 'fns' property
// are automatically executed when reCAPTCHA loads.
const c = '___grecaptcha_cfg';
window[c] = window[c] || {};
(window[c]['fns'] = window[c]['fns'] || []).push(cb);
}
};
}
// Usage
grecaptcha.ready(function(){
grecaptcha.render("container", {
sitekey: "ABC-123"
});
});
</script>
作为替代方案,使用 v2 API 的网站可能发现,
onload 回调;在 reCAPTCHA 完成时,系统会执行 onload 回调
正在加载。应在加载 reCAPTCHA 之前定义 onload 回调
脚本。
<script>
const onloadCallback = function() {
console.log("reCAPTCHA has loaded!");
grecaptcha.reset();
};
</script>
<script async src="https://www.google.com/recaptcha/api.js?onload=onloadCallback”></script>
如果不能异步加载 reCAPTCHA,包括 preconnect
强烈建议针对 reCAPTCHA 提供资源提示。这样可最大限度减少
脚本下载会阻塞解析器的时间。
使用资源提示
在文档的 <head> 中添加以下资源提示
减少交付客户使用的
reCAPTCHA。preconnect 资源提示会指示浏览器创建一个
与第三方来源的早期连接
<link rel="preconnect" href="https://www.google.com">
<link rel="preconnect" href="https://www.gstatic.com" crossorigin>
延迟加载
一般来说,reCAPTCHA 掌握的网页内容越多,
以确定用户操作是否合法。这是
在使用不依赖于用户
挑战。因此,等到执行特定的受限操作时,才加载 reCAPTCHA
(例如表单提交),通常不建议这样做。
如未另行说明,那么本页面中的内容已根据知识共享署名 4.0 许可获得了许可,并且代码示例已根据 Apache 2.0 许可获得了许可。有关详情,请参阅 Google 开发者网站政策。Java 是 Oracle 和/或其关联公司的注册商标。
最后更新时间 (UTC):2025-07-25。
[null,null,["最后更新时间 (UTC):2025-07-25。"],[[["\u003cp\u003ereCAPTCHA can be loaded asynchronously without impacting its ability to detect suspicious traffic and is generally recommended for performance benefits.\u003c/p\u003e\n"],["\u003cp\u003eWhen loading reCAPTCHA asynchronously, ensure it's fully loaded before calling its functions; using \u003ccode\u003egrecaptcha.ready()\u003c/code\u003e or adjusting script ordering can prevent issues.\u003c/p\u003e\n"],["\u003cp\u003eAs an alternative to \u003ccode\u003egrecaptcha.ready()\u003c/code\u003e, sites using reCAPTCHA v2 can utilize the \u003ccode\u003eonload\u003c/code\u003e callback, defined before the script, to execute functions after reCAPTCHA loads.\u003c/p\u003e\n"],["\u003cp\u003eIf asynchronous loading isn't feasible, using \u003ccode\u003epreconnect\u003c/code\u003e resource hints in the document's \u003ccode\u003e<head>\u003c/code\u003e can minimize script download blocking.\u003c/p\u003e\n"],["\u003cp\u003eFor optimal performance, it's generally recommended to load reCAPTCHA early in the page lifecycle to provide it with sufficient context.\u003c/p\u003e\n"]]],["reCAPTCHA should be loaded asynchronously for performance benefits using the `\u003cscript async\u003e` tag. Asynchronous loading can cause issues if reCAPTCHA is used before it finishes loading. This can be fixed by adjusting script order or by modifying `grecaptcha.ready()` to queue API calls until reCAPTCHA is ready. V2 can also utilize the `onload` callback. If synchronous loading is needed use `\u003clink rel=\"preconnect\"\u003e` resource hints. Lastly, avoid lazy loading as it reduces reCAPTCHA's effectiveness.\n"],null,["# Loading reCAPTCHA\n\nThis document discusses best practices for loading the reCAPTCHA script tag.\nThis information is applicable to both reCAPTCHA v2 and v3.\n\nLoading reCAPTCHA asynchronously\n--------------------------------\n\nAll versions of the reCAPTCHA can be loaded asynchronously. Loading reCAPTCHA\nasynchronously does not impact its ability to identify suspicious traffic. Due\nto the performance benefits of asynchronous scripts, loading reCAPTCHA\nasynchronously is generally recommended. \n\n \u003cscript async src=\"https://www.google.com/recaptcha/api.js\"\u003e\n\nWhen loading reCAPTCHA asynchronously, keep in mind that reCAPTCHA cannot be\nused until it has finished loading. For example, the following code would likely\nbreak: \n\n \u003cscript async src=\"https://www.google.com/recaptcha/api.js\"\u003e\u003c/script\u003e\n \u003cscript\u003e\n // If reCAPTCHA is still loading, grecaptcha will be undefined.\n grecaptcha.ready(function(){\n grecaptcha.render(\"container\", {\n sitekey: \"ABC-123\"\n });\n });\n \u003c/script\u003e\n\nIn some situations, adjusting script ordering can be enough to prevent race\nconditions. Alternatively, you can prevent race conditions by including the\nfollowing code snippet on pages that load reCAPTCHA. If you are using\n`grecaptcha.ready()` to wrap API calls, add the following code snippet to ensure\nthat reCAPTCHA can be called at any time. \n\n \u003cscript async src=\"https://www.google.com/recaptcha/api.js\"\u003e\u003c/script\u003e\n \u003cscript\u003e\n // How this code snippet works:\n // This logic overwrites the default behavior of `grecaptcha.ready()` to\n // ensure that it can be safely called at any time. When `grecaptcha.ready()`\n // is called before reCAPTCHA is loaded, the callback function that is passed\n // by `grecaptcha.ready()` is enqueued for execution after reCAPTCHA is\n // loaded.\n if(typeof grecaptcha === 'undefined') {\n grecaptcha = {\n ready: function(cb) {\n // window.__grecaptcha_cfg is a global variable that stores reCAPTCHA's\n // configuration. By default, any functions listed in its 'fns' property\n // are automatically executed when reCAPTCHA loads.\n const c = '___grecaptcha_cfg';\n window[c] = window[c] || {};\n (window[c]['fns'] = window[c]['fns'] || []).push(cb);\n }\n };\n }\n\n // Usage\n grecaptcha.ready(function(){\n grecaptcha.render(\"container\", {\n sitekey: \"ABC-123\"\n });\n });\n \u003c/script\u003e\n\nAs an alternative, sites that use the v2 API may find it useful to use\nthe `onload` callback; the `onload` callback is executed when reCAPTCHA finishes\nloading. The `onload` callback should be defined before loading the reCAPTCHA\nscript. \n\n \u003cscript\u003e\n const onloadCallback = function() {\n console.log(\"reCAPTCHA has loaded!\");\n grecaptcha.reset();\n };\n \u003c/script\u003e\n \u003cscript async src=\"https://www.google.com/recaptcha/api.js?onload=onloadCallback\"\u003e\u003c/script\u003e\n\nIf loading reCAPTCHA asynchronously is not an option, including `preconnect`\nresource hints for reCAPTCHA is strongly recommended. This will minimize the\namount of time that the script download blocks the parser.\n\nUsing resource hints\n--------------------\n\nIncluding the following resource hints in the `\u003chead\u003e` of the document will\nreduce the amount of time that it takes to deliver the resources used by\nreCAPTCHA. The `preconnect` resource hint instructs the browser to establish an\nearly connection with a third-party origin. \n\n \u003clink rel=\"preconnect\" href=\"https://www.google.com\"\u003e\n \u003clink rel=\"preconnect\" href=\"https://www.gstatic.com\" crossorigin\u003e\n\nLazy Loading\n------------\n\nGenerally speaking, the more context that reCAPTCHA has about a page, the better\ninformed it is to determine whether user actions are legitimate. This is\nparticularly true when using versions of reCAPTCHA that don't rely on user\nchallenges. Thus, waiting to load reCAPTCHA until a specific restricted action\noccurs (for example, form submission) is generally not recommended."]]
