On 9/20/07, Claude Schneegans <[EMAIL PROTECTED]> wrote: > >>It's like implementing captcha, but validating the captcha key with > javascript > > Ha ha, but where is the problem, since robots can't read Javascript? ;-)
That's exactly the problem. Because robots typically read the form, and then submit the variables directly to the action page. The javascript is never executed, and therefore if you're using javascript to validate the captcha, you'll only be stopping people who have trouble reading the captcha! Besides, if you're using javascript for this, then you've put the captcha answer in the javascript. There is a flaw in your sentence above. Robots *CAN* read javascript, they just can't execute javascript. So even if you're *ALSO* validating on the back-end, the robot can just read the javascript source, figure out the captcha key, and submit it correctly. -- Rick Root Check out CFMBB, BlogCFM, ImageCFC, ImapCFC, CFFM, and more at www.opensourcecf.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| ColdFusion is delivering applications solutions at at top companies around the world in government. Find out how and where now http://www.adobe.com/cfusion/showcase/index.cfm?event=finder&productID=1522&loc=en_us Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:288979 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
