Path: csiph.com!x330-a1.tempe.blueboxinc.net!usenet.pasdenom.info!gegeweb.org!de-l.enfer-du-nord.net!feeder1.enfer-du-nord.net!feeds.phibee-telecom.net!dedekind.zen.co.uk!zen.net.uk!hamilton.zen.co.uk!shaftesbury.zen.co.uk.POSTED!not-for-mail
From: Nobody <nobody@nowhere.com>
Subject: Re: Strategy to Verify Python Program is POST'ing to a web server.
Date: Sun, 19 Jun 2011 05:47:30 +0100
User-Agent: Pan/0.14.2 (This is not a psychotic episode. It's a cleansing moment of clarity.)
Message-Id: <pan.2011.06.19.04.46.38.578000@nowhere.com>
Newsgroups: comp.lang.python
References: <d8c7dc52-0c54-4b29-a7b6-bcd833686611@q12g2000prb.googlegroups.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Lines: 15
Organization: Zen Internet
NNTP-Posting-Host: e4e950df.news.zen.co.uk
X-Trace: DXC=ChhcBOC79kU;]D5:oaTZ6Wnok4Z\<mH4YhDU:2=XKPkX`AVFU<X0\DSQOMCU8L]ShW2=TcE7:9^DY
X-Complaints-To: abuse@zen.co.uk
Xref: x330-a1.tempe.blueboxinc.net comp.lang.python:7941

On Sat, 18 Jun 2011 04:34:55 -0700, mzagursk@gmail.com wrote:

> I am wondering what your strategies are for ensuring that data
> transmitted to a website via a python program is indeed from that
> program, and not from someone submitting POST data using some other
> means.

> Any remedy?

Supply the client with tamper-proof hardware containing a private key.

Either that, or just accept that it cannot be done. Compare the amount of
effort game developers put into trying to implement tamper-proofing in
software with how little success they've had.