I have a C# MVC app that makes use of recaptcha security code in a particular view. In my view i have the following code:

<script type="text/javascript" src="https://www.google.com/recaptcha/api/js/recaptcha_ajax.js"></script>
...
@Html.Raw(Html.GenerateCaptcha("captcha", "white"))
@Html.ValidationMessage("captcha")

When i try to load the page, i get the following error in chrome's debugger:

Mixed Content: The page at 'https://mywebsite.com' was loaded over HTTPS, but requested an insecure resource 'http://www.google.com/recaptcha/api/challenge?k=mykey'. This request has been blocked; the content must be served over HTTPS.

and if i inspect the source of the loaded page, the razor control for recaptcha generates this script tag:

<script type="text/javascript" src="http://www.google.com/recaptcha/api/challenge?k=mykey">

the src attribute is a http url not a https url.

If anyone knows how i can overcome this error, it would be greatly appreciated. Thanks, Kapetanios

Ok here i am posting an answer to my own question again.

It turns out that this:

@Html.Raw(Html.GenerateCaptcha("captcha", "white"))
@Html.ValidationMessage("captcha")

was rendering this:

<script type="text/javascript" src="http://www.google.com/recaptcha/api/challenge?k=mykey"></script>

The src attribute of the script tag contained http and not https So, to fix this issue, i just replaced the @html.raw & @html.validate with this:

<script type="text/javascript" src="https://www.google.com/recaptcha/api/challenge?k=mekey"></script>
            <noscript>
                <iframe src="https://www.google.com/recaptcha/api/noscript?k=mykey" height="300" width="500" frameborder="0"></iframe><br>
                <textarea name="recaptcha_challenge_field" rows="3" cols="40"></textarea><input name="recaptcha_response_field" value="manual_challenge" type="hidden" />
            </noscript>

Doing this stopped chrome debugger from getting the error.