Learn More
Resend Email
11
Worst security bug/feature you've seen?
Week 25 Group Rant
CodeMasterAlex
8y

Thought I'd share another one with you. Last year I saw a turorial posted on LinkedIn about how to create a captcha in ASP.NET. The turorial itself wasn't that bad but it made me laugh so hard because the writer thought of a neat way to input the desired captcha code to the handler that generated the image. Guess how? In the query string. That totally defeats its purpose. How on earth did he come up with that. So much for securing your form submission through captcha. Of course when I commented about it he didn't reply. I hope no one actually used that tutorial.

undefined

wk25
Favorite
Ranter
Comments
  • 0
    8y
    When I did mine in .net, I generated random pass phrase and generated an asp:Image object (with the random pass phrase & random image filters) on page load.
    The answer is encrypted in a hidden form element and validated on post back.
    It works well. :)
  • 0
    8y
    Wow...there's stupid and then there is special. That is just special.
Related Rants
devRant © 2021 Hexical Labs LLC
Privacy Policy  |  Terms of Service
Add Comment