[CLOSED] remove recaptcha.net from suggested initial whitelist, owned by google now

[msxfm]

Issue by jsamuel
Thursday Dec 22, 2011 at 18:47 GMT
Originally opened as RequestPolicy/requestpolicy#40

---

imported trac ticket
created: 2009-09-18 06:59:07
reporter: justin

The initial whitelist that users are given the option to import when they use !RequestPolicy for the first time includes only one destination that is allowed from any origin: recaptcha.net. However, Google just bought reCAPTCHA:

http://www.techcrunch.com/2009/09/16/google-acquires-recaptcha-to-power-scanning-for-google-books-and-google-news/

So, we need to remove it from the suggested initial whitelist. (In case the reader of this wants an explanation of why this changes things: allowing any site to make requests to a Google property without the user's knowledge is exactly the opposite of what !RequestPolicy should do.)

It's a shame, too, as there are a handful of sites whose registration process is complicated by having reCAPTCHA blocked until after the user already has done some work.

[msxfm]

Comment by jsamuel
Thursday Dec 22, 2011 at 18:47 GMT

---

imported trac comment
created: 2009-09-20 15:56:30
author: justin

Fixed in r271.