I'm not saying it ever receives that variable. However, CF somehow
associates that session with that client, therefore, the spider appears
to be a valid client. Once it has the session, what keeps it from
posting a million times on that session? CF has to set something on the
client (cookie or token or something) to keep the session alive, and
couldn't the browser/spider spoof that?
John
-----Original Message-----
From: Bryan F. Hogan [mailto:[EMAIL PROTECTED]
Sent: Thursday, June 17, 2004 10:16 AM
To: CF-Talk
Subject: Re: cfmx and CAPTCHA
A session value passes in a HTTP header?
Burns, John D wrote:
> I don't think he's saying that the spider can _read_ the session var,
> but if you set one and it is passed to the next page, the spider will
> have it and then all it needs to do is figure out the image.
[Todays Threads]
[This Message]
[Subscription]
[Fast Unsubscribe]
[User Settings]
[Donations and Support]
- Re: cfmx and CAPTCHA Bryan F. Hogan
- RE: cfmx and CAPTCHA Burns, John D
- RE: cfmx and CAPTCHA Burns, John D
- Re: cfmx and CAPTCHA Bryan F. Hogan
- Re: cfmx and CAPTCHA Thomas Chiverton
- Re: cfmx and CAPTCHA Bryan F. Hogan
- authentication... techmike
- RE: authentication... Tom Kitta
- RE: cfmx and CAPTCHA Dave Watts
- Re: cfmx and CAPTCHA Bryan F. Hogan
- Re: cfmx and CAPTCHA Burns, John D
- Re: cfmx and CAPTCHA Bryan F. Hogan
- RE: cfmx and CAPTCHA Pascal Peters
- Re: cfmx and CAPTCHA Thomas Chiverton
- RE: cfmx and CAPTCHA Burns, John D
- Re: cfmx and CAPTCHA Bryan F. Hogan
- RE: cfmx and CAPTCHA Burns, John D
- Re: cfmx and CAPTCHA Bryan F. Hogan
- RE: cfmx and CAPTCHA Dave Watts
- RE: cfmx and CAPTCHA Dave Watts
- RE: cfmx and CAPTCHA Joe Rinehart