Mailchimp的“验证码”验证如何工作?
[英]How does Mailchimp's “Captcha” validation work?
问题描述
Here is the snippet of code I am referring to: 
这是我指的代码片段:
<!-- real people should not fill this in and expect good things - do not remove this or risk form bot signups-->
<div style="position: absolute; left: -5000px;">
<input type="text" name="[IDENTIFYING CODE HERE]" value="">
</div>
The form is then sent off to their site where JavaScript (jQuery) validation takes place. 然后将该表格发送到他们的JavaScript(jQuery)验证所在的站点。
<script type="text/javascript" src="http://downloads.mailchimp.com/js/jquery.mailcheck.min.js"></script>
<script type="text/javascript">
$(document).ready(function(){
try {
var domains =['hp.com','hotmail.co.uk','yahoo.co.uk','yahoo.com.tw','yahoo.com.au','yahoo.com.mx','gmail.com','hotmail.com','yahoo.com','aol.com','comcast.net','msn.com','seznam.cz','sbcglobal.net','live.com','bellsouth.net','hotmail.fr','verizon.net','mail.ru','btinternet.com','cox.net','yahoo.com.br','bigpond.com','att.net','yahoo.fr','mac.com','ymail.com','googlemail.com','earthlink.net','xtra.co.nz','me.com','yahoo.gr','walla.com','yahoo.es','charter.net','shaw.ca','live.nl','yahoo.ca','orange.fr','optonline.net','gmx.de','wanadoo.fr','optusnet.com.au','rogers.com','web.de','ntlworld.com','juno.com','yahoo.com.sg','rocketmail.com','yandex.ru','yahoo.co.in','centrum.cz','live.co.uk','sympatico.ca','libero.it','walla.co.il','bigpond.net.au','yahoo.com.hk','ig.com.br','live.com.au','free.fr','sky.com','uol.com.br','abv.bg','live.fr','terra.com.br','hotmail.it','tiscali.co.uk','rediffmail.com','aim.com','blueyonder.co.uk','telus.net','bol.com.br','hotmail.es','email.cz','windowslive.com','talktalk.net','home.nl','t-online.de','yahoo.de','telenet.be','163.com','embarqmail.com','windstream.net','roadrunner.com','bluewin.ch','skynet.be','laposte.net','yahoo.it','qq.com','live.dk','planet.nl','hetnet.nl','gmx.net','mindspring.com','rambler.ru','iinet.net.au','eircom.net','yahoo.com.ar','wp.pl','mail.com','emmis.com','hotmail.de','lireo.com','gmx.at','ukr.net','zol.co.zw'];
var tdomains = [];
$('#MERGE0').on('blur', function() {
$(this).mailcheck({
domains: domains,
topLevelDomains: tdomains,
suggested: function(element, suggestion) {
var msg = 'Hmm, did you mean '+suggestion.full+'?';
if ( $('#MERGE0_mailcheck').length > 0 ){
$('#MERGE0_mailcheck').html(msg);
} else {
element.after('<div id="MERGE0_mailcheck" class="errorText">'+msg+'</div>');
}
},
empty: function(element) {
if ( $('#MERGE0_mailcheck').length > 0 ){
$('#MERGE0_mailcheck').remove();
}
return;
}
});
});
} catch(e){ console.log(e); }
});
</script>
In laymen's terms how does this "captcha" work? 用外行的话来说,这个“验证码”是如何工作的?
What prevents a bot from recognizing this and skipping that field? 是什么导致机器人无法识别并跳过该字段?
What prevents a person from accidentally tabbing into that field and entering something? 是什么防止一个人意外进入该字段并输入内容?
Unless I am missing something this seems like it wouldn't be very effective, however it seems to be working? 除非我遗漏了某些东西,否则这似乎不是很有效,但是似乎可行吗?
1 个解决方案
解决方案1
0 2014-02-26 18:16:09
What prevents a bot from recognizing this and skipping that field?
Nothing, and some will. 没什么,有些会。
It will however continue to be as effective as any other honeypot (this is a honeypot, not a captcha). 但是,它将继续与任何其他蜜罐一样有效(这是蜜罐,而不是验证码)。 No one spam prevention method is the end-all solution to spam prevention. 没有一种垃圾邮件预防方法是垃圾邮件预防的最终解决方案。 This is just one method that can and should be combined with others. 这只是可以并且应该与其他方法结合使用的一种方法。 This particular method prevents the bot from skipping the form (assuming the input gets a new name every time) and forces the bot to identify that field as a honey pot in order to successfully complete the form. 这种特殊的方法可以防止漫游器跳过表单(假设每次输入都会得到一个新名称),并强制漫游器将该字段标识为蜜罐,以便成功完成表单。 It should be pretty effective against most spider spam, but if someone really wanted to use it to cause spam it can be beaten. 对于大多数蜘蛛垃圾邮件,它应该是非常有效的,但是如果有人真的想用它来导致垃圾邮件,则可以将其击败。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.