On Sun, Mar 17, 2013 at 1:03 AM, Brad Jorsch <bjorsch(a)wikimedia.org> wrote:
This is also a captcha we're talking about. Its
primary purpose is to
prevent non-human interaction.
I know, but think about it this way: why would an API need to login using
CAPTCHA? Because it's going to render that CAPTCHA to the user, request
their login information, and then relay it to the API so that it can
perform whatever actions it needs to perform.
If we return just an HTML blob, then we are enforcing that the client
application show the user exactly that output. If we output
machine-readable information, then the client can render the CAPTCHA
however it wants.
*--*
*Tyler Romeo*
Stevens Institute of Technology, Class of 2015
Major in Computer Science
www.whizkidztech.com | tylerromeo(a)gmail.com