On Sat, Mar 16, 2013 at 2:47 AM, Daniel Friesen daniel@nadir-seen-fire.comwrote:
On Thu, 14 Mar 2013 12:55:16 -0700, Brion Vibber bvibber@wikimedia.org wrote:
Text captchas will have a 'question' subfield to be presented; image
captchas will have a 'url' field which should be loaded as the image. 'type' and 'mime' will vary, and probably shouldn't be used too closely.
Some captchas (iirc ReCaptcha) won't give you easy access to the image. And this plan won't be compatible with the variety of new captcha types like the KittenAuth-like category of CAPTCHAs. Differentiating between the types just to support text CAPTCHAs (which are really the easiest CAPTCHAs to break) also sounds unfortunate.
We might just have to do something that outputs a blob of html or a url to a html document (either perhaps as a frame url or a url to fetch the blob of html from).
Each captcha type decides what fields to return, so an implementation of KittenAuth could return a blob of HTML if it wanted. It's up to the API client to know how to handle the different captcha types for display to the user.
Brion was just describing how the existing captcha types in the ConfirmEdit extension do it.