Investigate security problem of showing too much information in the client

desirepath41 / visualCaptcha-PHP

visualCaptcha for PHP

MIT License

101 stars 29 forks source link

Investigate security problem of showing too much information in the client #13

Closed BrunoBernardino closed 10 years ago

BrunoBernardino commented 11 years ago

https://gist.github.com/ipeychev/6258587 has a very low break rate (< 5%), but it's still a problem.

Would a solution come up by the refactoring to become more backend-agnostic (using "APIs" to fetch the necessary data, hidding field names, etc. in the client)?

BrunoBernardino commented 10 years ago

Fixed in the latest branch.