[development] access module
Balazs Dianiska
csillagasz at gmail.com
Fri Aug 22 15:55:54 UTC 2008
> I wouldn't worry too much about misuse, since people could just visit the
> page hundreds of times anyway to achieve the same result - just make a post
> request to a javascript menu callback, and log from there.
I was concerned about that one could fabricate a post call and do it
programmaticaly. Having validation at least requires semi-real visits
from a JS capable browser and some automatization, which hopefully is
a little bit more difficult to do on large scale than the fabrication.
However it just dawned on me that I could just check for a session in
the callback code, which should prevent most fabrications to work.
Earnie: yes I looked at other alternatives, but none of them seems to
give me the simple output of the standard access module, just more
accurately (-bots).
Thanks for the feedback,
Balazs
More information about the development
mailing list