On 2013-03-11 4:32 PM, "Tyler Romeo" tylerromeo@gmail.com wrote:
Honestly, the solution could be as simple as requiring that the HTTP response have a certain header or something.
*--* *Tyler Romeo* Stevens Institute of Technology, Class of 2015 Major in Computer Science www.whizkidztech.com | tylerromeo@gmail.com _______________________________________________ Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l
Ok. I withdraw my security related objections :). Some sort of header based checking to make sure the posts are wanted sounds sane (provided that very initially a get request is used to verify this. Post requests to arbitrary unverified urls can be dangerous.).
-bawolff