On Fri, Jun 02, 2006 at 12:57:50PM +0100, Michael Rogers wrote: > Matthew Toseland wrote: > >Didn't work for me. No node named Big Brother was added to my routing > >table. And I have javascript enabled. > > Sorry, there was a field missing from the form - could you try it again? > > >But this should be solvable by reconfirming anything not from the proxy > >itself, right? > > Not sure if reconfirming will help; a script could submit the form and > then submit the confirmation a couple of seconds later. You need to put > something in the form that a script can't guess, eg a hidden field > containing a random number.
Wouldn't that require think-cash or something? A script can open the /darknet page in an iframe, submit the form, then submit the confirmation? So how do we prevent this? Think-cash? That's horrible. How do other projects prevent these sorts of dirty tricks? It must be a common problem for locally run web services? Or even for remotely run ones! > > Cheers, > Michael -- Matthew J Toseland - [EMAIL PROTECTED] Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so.
signature.asc
Description: Digital signature
_______________________________________________ Devl mailing list [email protected] http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
