[whatwg] Bot protection
Robert Accettura
robert at accettura.com
Mon Dec 27 16:51:27 PST 2004
The one thing I'd *really* like to see is some method to prevent bots,
but mantain accessibility (something a CAPTCHA doesn't provide). A
bot=false type of solution doesn't really mean much, since that requires
the UA to be honest.
Were all familiar with blog spam (i'm being bombarded as we speak). But
just think about how abusive script kiddies can be with web
applications. The possibilities are as endless as the applications that
can be created.
I'd just like a simple method that is accessible, forces the user to do
*something* that a bot can't just do. So humans need to be involved.
I've heard it be suggested as an alternative for CAPTCHA's a website
should provide an audio version. What's really needed is a standard
approach to follow. A specific tag for human validation so honest UA's
know what it is and can respect it, and perhaps even decide from a list
of options...
In sillysyntax(tm):
<captcha type="multi">
<option method="img" type="text"/>
<option method="audio" type="text"/>
<option method="esp" type="text"/>
</captcha>
In the above, the UA would realize human interaction is needed. It has
been given a choice of 3 options and enter text based upon them. This
way a visually impared person can choose to never use an img. And a
deaf person can choose never to use audio.
Obviously my sillysyntax isn't good, and I'm sure there's a better way
to illustrate what I'm thinking, but hopefully someone else can build
upon this.
I'd just want a way to ensure no automation, and still be accessible.
IMHO that's very important.
--
Robert J. Accettura
robert at accettura.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: robert.vcf
Type: text/x-vcard
Size: 131 bytes
Desc: not available
URL: <http://lists.whatwg.org/pipermail/whatwg-whatwg.org/attachments/20041227/f1951722/attachment-0001.vcf>
More information about the whatwg
mailing list