svcghost — 2011-04-14T01:14:56-04:00 — #1
Just wondering, what's stopping someone from creating an identical form to add a comment for example on your site? If your form uses three inputs (a hidden one with a value "iscomment", a text input named "content" and a submit input named "postcomment"), what's stopping someone from just mimicking that form on their server and being able to post comments to your site via their own script?
What do you use to counter this from happening? Thanks so much guys.
logic_earth — 2011-04-14T01:37:50-04:00 — #2
Do you mean bypassing your web application? Not possible. While they can clone the form they won't be able to bypass the application that handles the form underneath. Is that the answer you are wanting? As for how I counter it, I do nothing. It is not an issue as long as the input is valid and not spam. I don't care where it comes from because that implementation detail does not matter.
svcghost — 2011-04-14T02:05:38-04:00 — #3
Ah good point good point. Thank you!