> dynamic "secret" key fetching from some backend via JS that gets injected into... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

parasti on June 17, 2022 | parent | context | favorite | on: Redbean 2.0 turned into more than a hobby project

> dynamic "secret" key fetching from some backend via JS that gets injected into the form and works as a "password" to successfully trigger the email to get sent

Are you describing nonces? A nonce is basically a "secret" (due to SSL encryption) number inserted into the HTML and submitted via a form. You don't need JS, just SSL.

capableweb on June 17, 2022 [–]

Yeah, but in simpler terms :)

Making it require JS is on purpose as a lot of spam robots only parse HTML and don't execute JS, so you get less spam that way.

Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact