© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
By a concidence?, I received 20 bogus 'Launchpad: complete your registration.' yesterday night.
So I see what you mean. I see two things we could do to hinder the use of bots on that page:
1) Check the referer on the POST to be the actual form. I bots don't fake sane referer by default, that would stop a few of them.
2) Use a nonce on the form, so that the bots would need to fetch the form and support cookies to register.
I think 2 is probably more robust than 1, but the former is a lot cheaper.
What do you think?