[thelist] Captcha??

Sarah Adams mr.sanders at geekjock.ca
Thu Nov 9 13:18:55 CST 2006


>> You're trying to combat spam, which is your problem as a site admin.
>> Your solution to this is to make it the user's problem, by challenging
>> with a test. If the user cannot pass the test because of a disability,
>> your user is going to be pissed you might be in hot legal water. The
>> test serves no functional purpose and keeps users with a particular
>> disability out.
> 
> The problem with that, is "send to" forms, whereby the user can send an
> email to someone else using a form, usually with comments. Effectively,
> you can send spam to someone using somebody else's connection.

I think the point Matt was making is that you should (could?) find a way
to validate the form submission on the server side (i.e. making it
*your* problem), rather than using a captcha (i.e. making it the
*users'* problem). There's lots of info out there about avoiding contact
form hijacking, for example:
http://www.anders.com/projects/sysadmin/formPostHijacking/

-- 
sarah adams
web developer & programmer
portfolio: http://sarah.designshift.com
blog: http://hardedge.ca



More information about the thelist mailing list