Skip Menu |
 

This queue is for tickets about the CGI-Application-Plugin-CAPTCHA CPAN distribution.

Report information
The Basics
Id: 17932
Status: new
Priority: 0/
Queue: CGI-Application-Plugin-CAPTCHA

People
Owner: Nobody in particular
Requestors: jwilliams [...] ryszard.us
Cc:
AdminCc:

Bug Information
Severity: Important
Broken in: (no value)
Fixed in: (no value)



Subject: tokens out of cookies and cached or in hidden fields.
hey dude, i've just had a bit of a look at your plugin, and think its a good thing (tm). I plan on implementing it in an application framework i have built around CGI::Application. Rather than sending the tokens off in a cookie there are a couple of possible options (and i dont mind helping develop them with you): 1) a CAPTCHA will typicall be used in a form, why not include the token in a hidden form field ala CGI::Application run modes? while it doesnt solve the problem of sending the token to the client for analysis, it does solve the problem of sending cookies against browsers who have them turned off. 2) In my framework i'm using Apache::Cache. It would be possible to use a memory cache to oranise this. your plugin would save the token in the cache, and when the user submits their form, the plugin would then go and search for said key in the cache. i only say Apache::Cache because *i'm* using it, but the plugin could be written to employ any pre built module, or something as simple as a tied hash. if you're interested let me know...


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.