CHAPTER 8 ?– USING THE ASP.NET AJAX CONTROL TOOLKIT (PART 2) 181
"CustomChallengeResponse" />
Let??™s briefly look at the CustomChallengeResponse method in the page??™s code behind:
protected void CustomChallengeResponse(object sender, NoBotEventArgs e)
{
Panel p = new Panel();
p.ID = "NoBotSamplePanel";
Random rand = new Random();
p.Width = rand.Next(300);
p.Height = rand.Next(200);
p.Style.Add(HtmlTextWriterStyle.Visibility, "hidden");
p.Style.Add(HtmlTextWriterStyle.Position, "absolute");
((NoBot) sender).Controls.Add(p);
e.ChallengeScript = string.Format("var e = document.getElementById('{0}');
e.offsetWidth * e.offsetHeight;", p.ClientID);
e.RequiredResponse = (p.Width.Value * p.Height.Value).ToString();
}
This method is trying to access and set properties accessible only in the browser
DOM in an effort to verify the validity of the user and the absence of bots. One key object
here is NoBotEventArgs, which contains the event arguments of the underlying object.
BOTS/automated agents are usually incapable of processing JavaScript and also obviously
do not have the browser DOM that browsers have, therefore failing the brief but
often effective test code of the CustomChallengeResponse method.
Pages:
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264