Hacker News new | past | comments | ask | show | jobs | submit login

Here is a patch for subscribe.php ( to address the captcha issue from this post and another issue that allows bypassing double-opt-in by setting silent=true: https://pastebin.com/dT1NszTt

this change requires verifying secret api key in the subform=no case and restricts opt_in bypass to this subscribe api usage (since captcha is not good enough to stop all bots)

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact