Comments on: reCAPTCHA and XHTML

Comments on: reCAPTCHA and XHTML http://rickardandersson.com/recaptcha-and-xhtml The general consensus among clients is that they are your only client. Tue, 16 Mar 2010 19:26:02 +0000 http://wordpress.org/?v=3.0-alpha hourly 1 By: Boriel http://rickardandersson.com/recaptcha-and-xhtml#comment-54061 Boriel Wed, 29 Jul 2009 11:08:21 +0000 http://rickardandersson.com/?p=121#comment-54061 I've published a fix so reCaptcha passes XHTML 1.0 Strict validation: http://www.boriel.com/2009/07/29/xhtml-strict-valid-recaptcha/ I’ve published a fix so reCaptcha passes XHTML 1.0 Strict validation: http://www.boriel.com/2009/07/29/xhtml-strict-valid-recaptcha/

]]> By: jive http://rickardandersson.com/recaptcha-and-xhtml#comment-18416 jive Wed, 16 Apr 2008 04:35:56 +0000 http://rickardandersson.com/?p=121#comment-18416 I used that recaptcha and still got tons of spam. I have a blogpost on somethings you can do to lower the amount of spam in wordpress. http://jivebay.com/2008/02/10/wordpress-spam-prevention-hack/ Akismet is more of a filtering tool than prevention. I also have some posts on ways to prevent spam on PunBB ;) I used that recaptcha and still got tons of spam. I have a blogpost on somethings you can do to lower the amount of spam in wordpress.
http://jivebay.com/2008/02/10/wordpress-spam-prevention-hack/
Akismet is more of a filtering tool than prevention.

I also have some posts on ways to prevent spam on PunBB ;)

]]> By: Ben Maurer http://rickardandersson.com/recaptcha-and-xhtml#comment-17535 Ben Maurer Tue, 26 Feb 2008 00:58:24 +0000 http://rickardandersson.com/?p=121#comment-17535 Hi, We already have an API that allows one to avoid document.write (our ajax API). This doesn't solve the iframe issue. In terms of making an option -- I want to get a real fix, not a hack. If we add the option, it will bloat up the API until the end of time. It's also more code that we have to test (HTML & CSS have a funny way of breaking depending on where they get embeded). - Ben Hi,

We already have an API that allows one to avoid document.write (our ajax API). This doesn’t solve the iframe issue.

In terms of making an option — I want to get a real fix, not a hack. If we add the option, it will bloat up the API until the end of time. It’s also more code that we have to test (HTML & CSS have a funny way of breaking depending on where they get embeded).

- Ben

]]> By: Rickard http://rickardandersson.com/recaptcha-and-xhtml#comment-17533 Rickard Mon, 25 Feb 2008 21:37:06 +0000 http://rickardandersson.com/?p=121#comment-17533 Hi Ben, Thanks for the reply. I see your point and I understand that you want to avoid any issues for existing users, but if that's the case, then why not make it optional? When enabled, recaptcha would output compliant markup and supply the "challenge script" on your server with an additional parameter (apart from the API key) so that it knows whether to use document.write or to use the DOM. With this in place, there's zero risk of incompatibilities for existing users and you give people the option of using recaptcha on XHTML sites. I did notice someone on your team posted "I don't think that it's really worth going to the trouble of having a configurable option for this" so I guess there's no point in me even bringing this up. By the way. I don't in any way consider myself to be a "trend setter in standards compliance". I'm just a tad anal about things like this and I know there are a lot of people like me. Hi Ben,

Thanks for the reply. I see your point and I understand that you want to avoid any issues for existing users, but if that’s the case, then why not make it optional? When enabled, recaptcha would output compliant markup and supply the “challenge script” on your server with an additional parameter (apart from the API key) so that it knows whether to use document.write or to use the DOM. With this in place, there’s zero risk of incompatibilities for existing users and you give people the option of using recaptcha on XHTML sites.

I did notice someone on your team posted “I don’t think that it’s really worth going to the trouble of having a configurable option for this” so I guess there’s no point in me even bringing this up.

By the way. I don’t in any way consider myself to be a “trend setter in standards compliance”. I’m just a tad anal about things like this and I know there are a lot of people like me.

]]> By: Ben Maurer http://rickardandersson.com/recaptcha-and-xhtml#comment-17530 Ben Maurer Mon, 25 Feb 2008 17:24:59 +0000 http://rickardandersson.com/?p=121#comment-17530 Hi, I'm an engineer on the reCAPTCHA team. First of all, that statement is simply saying that the reCAPTCHA team doesn't have the time to develop XHTML compliance fixes. However, that doesn't mean we don't want them or that we won't accept patches. We've seen a number of patches for the wordpress plugin. However, each one has had a number of issues that could cause problems for existing users. For example, part of the fix requires using the w3c specified tag rather than the de facto standard tag for users without Javascript. Including this change would require us to do quite a bit of testing to ensure that it really is compatible. Another change could have potentially prevented the "post comment" button from showing up in some themes. We're more than willing to include a well tested, low-risk XHTML compliance patch. Our mailing list has some comments about how to apply these fixes on your own for people who are trend setters in standards compliance. However, we feel that it's irresponsible to make changes that might cause issues for users for the sole purpose of satisfying the w3c validator For what it's worth, very few "web 2.0" APIs are actually XHTML compliant (adsense & google maps use iframes and document.write). -Ben Hi,

I’m an engineer on the reCAPTCHA team.

First of all, that statement is simply saying that the reCAPTCHA team doesn’t have the time to develop XHTML compliance fixes. However, that doesn’t mean we don’t want them or that we won’t accept patches.

We’ve seen a number of patches for the wordpress plugin. However, each one has had a number of issues that could cause problems for existing users. For example, part of the fix requires using the w3c specified tag rather than the de facto standard tag for users without Javascript. Including this change would require us to do quite a bit of testing to ensure that it really is compatible. Another change could have potentially prevented the “post comment” button from showing up in some themes.

We’re more than willing to include a well tested, low-risk XHTML compliance patch. Our mailing list has some comments about how to apply these fixes on your own for people who are trend setters in standards compliance. However, we feel that it’s irresponsible to make changes that might cause issues for users for the sole purpose of satisfying the w3c validator

For what it’s worth, very few “web 2.0″ APIs are actually XHTML compliant (adsense & google maps use iframes and document.write).

-Ben

]]>