Cloudflare Turnstile 是增长最快的验证码替代方案。要使用 CaptchaAI 解决此问题,您需要站点密钥和页面 URL。本指南涵盖了查找 sitekey 的所有方法 - 从简单的 DOM 查询到拦截 JavaScript 渲染调用。
Turnstile 站点密钥所在的位置
Turnstile 站点密钥出现在三个位置:
.cf-turnstile元素上的data-sitekey属性turnstile.render()JavaScript 调用- Turnstile iframe
srcURL
方法一:DOM属性
// Browser console
document.querySelectorAll('.cf-turnstile').forEach((el, i) => {
console.log(`Turnstile ${i}:`, {
sitekey: el.getAttribute('data-sitekey'),
action: el.getAttribute('data-action'),
cData: el.getAttribute('data-cdata'),
theme: el.getAttribute('data-theme'),
});
});
Python(静态 HTML)
import re
import requests
html = requests.get("https://staging.example.com/qa-login").text
matches = re.findall(
r'class=["\'][^"\']*cf-turnstile[^"\']*["\'][^>]*data-sitekey=["\']([^"\']+)',
html
)
for sk in matches:
print(f"Sitekey: {sk}")
Python(硒)
from selenium import webdriver
from selenium.webdriver.common.by import By
driver = webdriver.Chrome()
driver.get("https://staging.example.com/qa-login")
widgets = driver.find_elements(By.CSS_SELECTOR, ".cf-turnstile")
for w in widgets:
sitekey = w.get_attribute("data-sitekey")
action = w.get_attribute("data-action")
print(f"Sitekey: {sitekey}, Action: {action}")
方法2:JavaScript渲染调用
一些网站以编程方式呈现 Turnstile:
turnstile.render('#captcha-container', {
sitekey: '0x4AAAAAAAB...',
callback: function(token) {
document.getElementById('cf-token').value = token;
},
});
页面源码摘录:
# Find turnstile.render calls
render_match = re.search(
r'turnstile\.render\s*\([^,]*,\s*\{([^}]+)\}',
html
)
if render_match:
config = render_match.group(1)
sk = re.search(r'sitekey\s*:\s*["\']([^"\']+)', config)
if sk:
print(f"Sitekey from render: {sk.group(1)}")
Puppeteer拦截
// Intercept turnstile.render before page loads
await page.evaluateOnNewDocument(() => {
window.__turnstileParams = [];
const origRender = window.turnstile?.render;
Object.defineProperty(window, 'turnstile', {
set(val) {
this._turnstile = val;
const orig = val.render;
val.render = function(container, params) {
window.__turnstileParams.push(params);
console.log('Turnstile render:', JSON.stringify(params));
return orig.apply(this, arguments);
};
},
get() { return this._turnstile; }
});
});
await page.goto('https://staging.example.com/qa-login', { waitUntil: 'networkidle2' });
const params = await page.evaluate(() => window.__turnstileParams);
console.log('Captured Turnstile params:', params);
方法三:iframe src
Turnstile 呈现 iframe。站点密钥位于 src 中:
document.querySelectorAll('iframe').forEach(iframe => {
if (iframe.src.includes('challenges.cloudflare.com')) {
console.log('Turnstile iframe:', iframe.src);
const match = iframe.src.match(/sitekey=([A-Za-z0-9_-]+)/);
if (match) console.log('Sitekey:', match[1]);
}
});
使用 CaptchaAI 解决Turnstile问题
Python
import requests
import time
API_KEY = "YOUR_API_KEY"
SITEKEY = "0x4AAAAAAAB..."
PAGE_URL = "https://staging.example.com/qa-login"
# Submit
resp = requests.post("https://ocr.captchaai.com/in.php", data={
"key": API_KEY,
"method": "turnstile",
"sitekey": SITEKEY,
"pageurl": PAGE_URL,
"json": "1",
}).json()
if resp["status"] != 1:
raise Exception(f"Submit error: {resp['request']}")
task_id = resp["request"]
# Poll
for _ in range(24):
time.sleep(5)
result = requests.get("https://ocr.captchaai.com/res.php", params={
"key": API_KEY, "action": "get", "id": task_id, "json": "1"
}).json()
if result["status"] == 1:
token = result["request"]
print(f"Turnstile token: {token[:50]}...")
break
if result["request"] != "CAPCHA_NOT_READY":
raise Exception(f"Error: {result['request']}")
JavaScript
const axios = require('axios');
const submit = await axios.post('https://ocr.captchaai.com/in.php', null, {
params: {
key: 'YOUR_API_KEY',
method: 'turnstile',
sitekey: '0x4AAAAAAAB...',
pageurl: 'https://staging.example.com/qa-login',
json: 1,
}
});
const taskId = submit.data.request;
// Poll for result
let token = null;
for (let i = 0; i < 24; i++) {
await new Promise(r => setTimeout(r, 5000));
const poll = await axios.get('https://ocr.captchaai.com/res.php', {
params: { key: 'YOUR_API_KEY', action: 'get', id: taskId, json: 1 }
});
if (poll.data.status === 1) {
token = poll.data.request;
break;
}
}
console.log(`Token: ${token.substring(0, 50)}...`);
token 提交
Turnstile 将其令牌存储在名为 cf-turnstile-response 的隐藏输入中:
# Selenium
driver.execute_script("""
const input = document.querySelector('input[name="cf-turnstile-response"]');
if (input) input.value = arguments[0];
// Also set in the Turnstile widget's callback
const widget = document.querySelector('.cf-turnstile');
const callbackName = widget?.getAttribute('data-callback');
if (callbackName && typeof window[callbackName] === 'function') {
window[callbackName](arguments[0]);
}
""", token)
故障排除
| 问题 | 原因 | 处理方式 |
|---|---|---|
未找到 .cf-turnstile 元素 |
动态渲染 | 等待页面加载或使用 MutationObserver |
| 站点密钥为空 | 通过 JavaScript API 设置 | 在脚本中搜索 turnstile.render |
| 令牌被拒绝 | 站点密钥或页面 URL 错误 | 仔细检查两个值是否与目标站点匹配 |
method 参数错误 |
使用 userrecaptcha 旋转门 |
使用method=turnstile |
常问问题
Turnstile 比 reCAPTCHA 更难解决吗?
不,CaptchaAI 可以处理两者。 Turnstile 通常在 10-25 秒内解决,与 reCAPTCHA v2 相当。
Turnstile有隐形模式吗?
Turnstile 具有“托管”和“非交互”模式,不显示可见的小部件。站点密钥提取方法的工作原理相同。
使用 CaptchaAI 解决 Cloudflare Turnstile 验证码
获取您的 API 密钥:验证码网站。
相关指南
- 从页面源中提取 reCAPTCHA 参数
- 浏览器控制台验证码检测
- Turnstile、hCaptcha 与 reCAPTCHA
