On 2013-03-11 4:32 PM, "Tyler Romeo" <[email protected]> wrote: > > Honestly, the solution could be as simple as requiring that the HTTP > response have a certain header or something. > > *--* > *Tyler Romeo* > Stevens Institute of Technology, Class of 2015 > Major in Computer Science > www.whizkidztech.com | [email protected] > _______________________________________________ > Wikitech-l mailing list > [email protected] > https://lists.wikimedia.org/mailman/listinfo/wikitech-l
Ok. I withdraw my security related objections :). Some sort of header based checking to make sure the posts are wanted sounds sane (provided that very initially a get request is used to verify this. Post requests to arbitrary unverified urls can be dangerous.). -bawolff _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
