[whatwg] Bot protection

Ian Hickson ian at hixie.ch
Thu Jan 6 09:35:30 PST 2005

On Mon, 27 Dec 2004, Robert Accettura wrote:
> The one thing I'd *really* like to see is some method to prevent bots, 
> but mantain accessibility (something a CAPTCHA doesn't provide).  A 
> bot=false type of solution doesn't really mean much, since that requires 
> the UA to be honest. Were all familiar with blog spam (i'm being 
> bombarded as we speak).  But just think about how abusive script kiddies 
> can be with web applications.  The possibilities are as endless as the 
> applications that can be created.

I'll echo what mpt said -- you can currently do this with either HTTP 
Accept: headers or with HTML <object>. For example:

    What is this? 
    <object data="captcha-jpeg.cgi?id=125135">
     <object data="captcha-mp3.cgi?id=125135">
      (This server only supports audio and visual CAPTCHAs.
      For help, please contact ...)
    <input type="text" name="captcha">

I don't really see a better way to do it.

Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'

More information about the whatwg mailing list