"api.recaptcha.net" and friends seem to be gone
for good. The code didn't use those GLOBALS either,
AFAICS.
Signed-off-by: Thomas Hochstein <thh@inter.net>
Try to auto-detect if site is served via HTTPS or HTTP. The original version requests the captcha via HTTP. So if the site is served via HTTPS, the browser will block this attempt and no captcha will be shown on the site.
It is not a perfect solution (a better one would be to let the user configure it), since it would not detect the correct value if the webserver is behind a proxy (the proxy serves the site via HTTPS and the webserver via HTTP to the proxy). But this solution will work in most of the cases until a serendipity developer can add an extra configuration option.
