On Wed, 2017-01-25 at 10:46 -0600, Andy Doan wrote: > My ITS recently noticed that some people are using the registration > form > on our patchwork servers to send out confirmation emails to random > addresses. I was wondering if anyone else had experienced that or > had > implemented some type of protection against this abuse?
I don't operate a Patchwork instance so I can't say about the regularity of such abuse. Jeremy might be able to offer better advice, however. > From the looks of the patchwork code, there's nothing built in. > However, it does look like we might be able to easily add a captcha > type > field to the registration form[1]. Would this be something of > interest > to you guys? Sounds good to me. If it could be an optional component (i.e. one could run Patchwork without whatever dependencies captcha support would provide), I'd be happy to take a patch. Cheers, Stephen > 1: > https://tryolabs.com/blog/2012/03/02/django-adding-captcha-validation > -forms/ > _______________________________________________ > Patchwork mailing list > [email protected] > https://lists.ozlabs.org/listinfo/patchwork _______________________________________________ Patchwork mailing list [email protected] https://lists.ozlabs.org/listinfo/patchwork
