Christian Boos wrote: > Also, I don't know exactly what it takes for a script to get a valid > session,
Isn't it enough to just request the ticket page, grab the session cookie, and post the comment with the received cookie? I'll try to come up with a minimal script for testing. No idea how to improve the situation, though. We could limit workflow operations to logged in users, but this is not going to prevent posting comments. -- Remy
signature.asc
Description: OpenPGP digital signature
