[thelist] tracking spammers

Renoir Boulanger renoirb at gmail.com
Sat Jul 16 22:48:44 CDT 2011


I would suggest one thing.

The symfony framework has this auto gemerated hidden field implementing CSRF. It is in fact a string generated ising a shared secret and will accept posts coming with that field who gets validated.

I did not read about how exactly symfony implements it but it is a good starting point.

I doubt that you can accept posts coming from your own server because it is in the nature of a post to submit to a url from code... we just hooe its from our own and not for misleading reasons.

I am curious about how you can do that. Do you have a more concrete example?
> (...) You can get around this by coding your script so that it only takes form posts from your own IP. (...)



RENOIR BOULANGER //

devLABmtl.org/
ConFoo.ca/
evocatio.com/

(envoyé de mon téléphone)
~


More information about the thelist mailing list