Sorry if I didn’t give you sufficient credit
My point was less about re-auth in general, but more about trying to detect who had a legitimately rotating IP address. If detected, cookies can’t be trusted… so force the user into an auth scheme that used cookies as secondary to something else. Primary would be SSL Certs or (shudder) Basic Auth over HTTPS.
Thoughts?
Here was the list I initially had:
That’s probably good enough for anonymous comments. These ones are also safe and useful for untrusted comments:
That’s 9 tags. If you want to add a video or an image, you could use a bit of DHTML or Flash to pop up a media selector widget for approved sites: Flickr, YouTube, etc. People get to select URLs to pages, but that’s it. On the back end, check the URL to see if it looks hacked. If so, reject it.
For trusted contributors, you could open it up even more and use tables, headers, links, etc… in which case you’re looking at closer to 20 tags.
For very trusted contributors, you get to use attributes like SRC for IMG, and maybe even SCRIPT nodes.
Of course, @dood mcdoogle summed it up quite well when he said that input filtering cannot ever be sufficient… so you always need an output filtering step. However, there’s no harm in pre-parsing your data and teaching your audience what will and what will not be tolerated.
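An output-filtering step of the kind described above, as an added example that is not the commenter's own code: a tiered tag allowlist (the "anonymous", "untrusted" and "trusted" lists here are constructed for this example, since the original lists are not on the page), attributes dropped unless explicitly permitted for that tag, `href` and `src` values rejected unless they are absolute http(s) URLs, `src` further limited to an assumed set of approved media hosts, and unbalanced tags closed so the output is well-formed.

```python
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlparse

# Tiered allowlists, constructed for this example: tag -> attributes permitted on it.
BASIC = {"p": set(), "br": set(), "b": set(), "i": set(), "em": set(), "strong": set()}
UNTRUSTED = {**BASIC, "code": set(), "pre": set(), "blockquote": set()}
TRUSTED = {**UNTRUSTED, "a": {"href"}, "h2": set(), "h3": set(), "ul": set(),
           "ol": set(), "li": set(), "table": set(), "tr": set(), "td": set(),
           "th": set(), "img": {"src", "alt"}}
LEVELS = {"anonymous": BASIC, "untrusted": UNTRUSTED, "trusted": TRUSTED}
VOID = {"br", "img"}                                    # tags that never get a closing tag
APPROVED_HOSTS = {"www.flickr.com", "www.youtube.com"}  # assumed list of approved media sites

def url_ok(attr, value):
    """Accept only absolute http(s) URLs; img src must also point at an approved host."""
    u = urlparse(value.strip())
    if u.scheme.lower() not in ("http", "https") or not u.hostname:
        return False
    return attr != "src" or u.hostname.lower() in APPROVED_HOSTS

class Sanitizer(HTMLParser):
    def __init__(self, allowed):
        super().__init__(convert_charrefs=True)
        self.allowed, self.out, self.open = allowed, [], []
    def handle_starttag(self, tag, attrs):
        spec = self.allowed.get(tag)
        if spec is None:                                # unknown tag: drop it, keep its text
            return
        kept = [f' {n}="{escape(v, quote=True)}"' for n, v in attrs
                if n in spec and v is not None and (n not in ("href", "src") or url_ok(n, v))]
        self.out.append(f"<{tag}{''.join(kept)}>")
        if tag not in VOID:
            self.open.append(tag)
    def handle_endtag(self, tag):
        if tag in self.open:                            # close only what we actually opened
            while self.open:
                t = self.open.pop()
                self.out.append(f"</{t}>")
                if t == tag:
                    break
    def handle_data(self, data):
        self.out.append(escape(data, quote=False))      # text is always re-escaped on output
    def result(self):
        self.close()
        while self.open:                                # close anything left dangling
            self.out.append(f"</{self.open.pop()}>")
        return "".join(self.out)

def sanitize(html, level):
    s = Sanitizer(LEVELS[level])
    s.feed(html)
    return s.result()
```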