Smalltalk Frameworks & Tools Seaside Seaside General

reCAPTCHA for Seaside (2.9)

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
laza
Reply | Threaded
Open this post in threaded view
|

reCAPTCHA for Seaside (2.9)

laza
Hi!

I just finished a reCAPTCHA component for Seaside.
You can read about it here [1] and testdrive it here [2].

Alex

[1] http://blog.blobworks.com/2009/01/05/recaptcha-for-seaside
[2] http://seasidemo.blobworks.com:9090
_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Philippe Marschall
Reply | Threaded
Open this post in threaded view
|

Re: reCAPTCHA for Seaside (2.9)

Philippe Marschall
2009/1/5, Alexander Lazarević <[hidden email]>:
> Hi!
>
> I just finished a reCAPTCHA component for Seaside.
> You can read about it here [1] and testdrive it here [2].

The HTTP part of the verification code looks a bit hairy but I
understand the desire to avoid the abomination that is HTTPSocket. The
thing is that while the iframe uses HTTPS the verification doesn't.
You might want to give the Curl Plugin [1] a try.

Besides that: cool, people writing libraries for Seaside is a good thing (tm)

 [1] http://www.squeaksource.com/CurlPlugin.html

Cheers
Philippe

_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
laza
Reply | Threaded
Open this post in threaded view
|

Re: reCAPTCHA for Seaside (2.9)

laza
Hi!

Philippe Marschall schrieb:
> 2009/1/5, Alexander Lazarević <[hidden email]>:
> The HTTP part of the verification code looks a bit hairy but I
> understand the desire to avoid the abomination that is HTTPSocket.

:D

I tried to use httpPostDocument: url  args: at.al. but I got no response using them. There should be a large fat warning
sign.

> The thing is that while the iframe uses HTTPS the verification doesn't.

Ah, yes. Hm, the first is the client connection while the second is the server connection. An attacker could sniff the
private key on the server connection, so I guess you are right about protecting this connection also via HTTPS.

> You might want to give the Curl Plugin [1] a try.

I will have a look. My aim was though to keep dependencies at a minimum.

> Besides that: cool, people writing libraries for Seaside is a good thing (tm)

I guess the more building blocks, the better for seaside. :)

Alex

_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Free forum by Nabble Edit this page