lol, possibly - except I'm not trying to hack anything or cause any harm, instead I am wanting to protect my own site which is under development from similar attacks. If it is possible to loophole the security features in MSIE or FF then I will have to secure my site in more ways than I have..
See, I am creating an online game - text based, anyways you perform certain actions by submiting forms. You can perform these actions say once every 2 mins.. JS can easily be used to mimic the form and submit it every 2 mins, I've secured that sort of script by checking the http_referer, I figure if the users browser doesn't send that header, though 😛
I have also secured my site against auto clicker/macroers that could be left on overnight by changing the order of the actions and a random button will appear that will not perform the action but log you out.
Now I am concerned about people using Javascript not just to mimic my form but to actually submit it. parent.mysitesframe.form.submit() 😛
I do not want to use number verification, but will only as a last resort - so any help would be greatly appreciated. Mind you if you don't trust me or think I'm up to no good then whatever, don't help - but don't make false accusations 😛
