Hi Thanks for the information. It seems the captcha correct answer is stored as a hidden field in the form. This does not seem very secure. Is there any reason it is not stored in the session rather as I believe that would be more secure?
Rees ________________________________ From: BJ Freeman <[email protected]> To: [email protected] Sent: Saturday, 25 July, 2009 0:28:50 Subject: Re: registration form - captcha check the specialpurpose/myportal/widgets/myportalforms.xml the java is in the framework/common component Rees Watkins sent the following on 7/24/2009 2:53 PM: > Hi > > My knowledge of security is limited, but I was wondering if the registration > form should have some form of captcha validation? Does anyone have an opinion > on this? > > Thanks > Rees > > > > -- BJ Freeman http://www.businessesnetwork.com/automation http://bjfreeman.elance.com http://www.linkedin.com/profile?viewProfile=&key=1237480&locale=en_US&trk=tab_pro Systems Integrator.
