Florent Daignière (NextGen$) wrote:
* if we use a capcha, the script will ask the user what's written
on the img ;)
I'm not sure whether a script can read the contents of an iframe that
comes from a different domain - in general the browser's supposed to
prevent that sort of thing, but there *might* be a loophole if the
contents of the iframe were originally loaded from the same domain as
the script domain and then redirected to another domain by submitting a
form.
Assuming the script can't read the contents of the iframe, the form
could contain a hidden field with a random, unguessable value that must
match when the form's submitted.
Cheers,
Michael
_______________________________________________
Devl mailing list
[email protected]
http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
