It's quite annoying to allow Recaptcha requests every time required, especially because one needs to observe it's a blocked Recaptcha request causing something (e.g. a login) to fail. Recaptcha requires the following destinations to be allowed: ```js [ {perPath: "https://www.google.com", pathPrefix: "/recaptcha/"}, {prePath: "https://www.gstatic.com", pathPrefix: "/recaptcha/"}, ] ``` I imagine this will be a "rule bundle", compare https://github.com/RequestPolicyContinued/requestpolicy/issues/338. This means that when the subscriptions are enabled, it will not automatically allow requests to Recaptcha, but in the menu a Bundle Destination will appear if and only if one of the rules in the bundle matches some blocked request on the current site.