WingNews logo WingNews
top | item 40380504

(no title)

tomschlick | 1 year ago

Or just have your magic link include a "Confirm Login" button once it loads that sends a POST so automated clients don't cause issues.

discuss

order

berkes|1 year ago

... potentially enriched with JS that hides that button and does a POST for you on documentLoad or such.

That way, for a "normal human" it works like they expect, is technically correct, and doesn't trigger on backends fetching the resource. Unless they fetch the resource with some headless chrome or such. Which, unfortunately, is rather necessary these days.

zinekeller|1 year ago

> ... potentially enriched with JS that hides that button and does a POST for you on documentLoad or such.

Don't do this, most bots now actually load JavaScript.