Who can’t use the client interface?

At Altarama we take the privacy of your client’s questions very seriously, and we value the integrity of your service. Without the need for time wasting “captcha” style devices RefTracker tries to always be one step ahead of hackers, spammers and formbots by preventing them from submitting questions to your service (however a Captcha can be easily added to our forms, should a hacker break our significant defences). Our URL’s are also tamper proof ensuring they can’t be re-used by hackers, and that no one can obtain any information about any question that was not submitted by themselves.

An important part of our defences against malicious users is that, apart from the Question field (where special encoding allows HTML to be submitted and then encoded to ensure it can never be executed), by default, client’s cannot enter HTML into any other fields of the RefTracker request forms (to prevent malicious code from being inserted that way).  System administrators should review parameter 2.41 in relation to options to allow client’s to submit HTML in more fields than just the Question field.