-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
As some folks may recall, an action=createaccount was added to the API a few weeks ago. Unfortunately the first pass didn't include CAPTCHA support, so we haven't been able to use it for the live sites yet (which use ConfirmEdit's "FancyCaptcha" mode). We expect to start using this in the next couple weeks for the mobile Commons apps, so it's time to make it captcha-friendly...
I've made a first stab at adding support, based on the existing captcha interfaces for login and editing:
Several questions:
# Will the action=createaccount be disabled by default? # If enabled, is the action=createaccount reserved to a specific user group? # At first blush this appears to be designed to enable xrumer bruting. Have you considered adding optional single-use otf image creation for fancy captcha, which would be more cost effective on small wikis? # There are several private modules for ConfirmEdit, as well as sites using different captchas based on ConfirmEdit (Asirra?) How might this interact with a site using a different (non-supported) captcha module?
Amgine