Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Maybe it can't work. #20

Open
sunshuzhou opened this issue Mar 20, 2015 · 2 comments
Open

Maybe it can't work. #20

sunshuzhou opened this issue Mar 20, 2015 · 2 comments

Comments

@sunshuzhou
Copy link

Hi, there exists a problem, if we verify whether a user is human or bots in browser, bots can simply ignore the CAPTCHA and send packages the same as a human who passed the CAPTCHA.
@kroltan
Copy link

kroltan commented Feb 3, 2017

Not only that, but a bot can take hold of the DollarRecognizer instance and redraw the templates precisely. The templates should be server-side, along with the recognizer itself.

@LinzardMac
Copy link

Wouldn't that be the case with ANY client-side captcha/ verification? You always want a server side validation to double check.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@LinzardMac @kroltan @sunshuzhou