> From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Peter Reitsma > Sent: woensdag 31 maart 2004 15:43 > To: [EMAIL PROTECTED] > Subject: RE: Script kiddies and the MMBase poll > > The impossibility of building a watertight accept cookie > detection lies in the impossibility to place a cookie on the > response and detect this cookie during the same request > (there is no such method like response.getCookie(), cookies > have to land on the browser first :).
It's not just that. The user can always clear the cookies after voting, so a cookie-based policy is always easy to tamper with. Rob van Maris Technical Consultant Quantiq xmedia & communication solutions Koninginneweg 11-13 1217 KP Hilversum T +31 (0)356257211 M +31 (0)651444006 E [EMAIL PROTECTED]