httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eugene Lee <list-apa...@fsck.net>
Subject Re: [users@httpd] preventing image theft
Date Fri, 04 Jun 2004 11:13:42 GMT
On Thu, Jun 03, 2004 at 07:27:10PM +0200, Robert Andersson wrote:
: Eugene Lee wrote:
: >
: > Almost every article out there that deals with image theft uses the
: > Referer header.  The main problem with this method is that the Referer
: > information may be stripped automatically on users' machines that have
: > some kind of draconian 3rd-party firewall product.  Any suggestions on
: > how to deal with users with missing Referer headers are appreciated.
: 
: Only deny when the request includes a Referer header, and when it is wrong.
: Allow otherwise. That won't stop all, but most, which should be your goal.

Rats.  I was hoping for a better solution that dealt with missing
Referer headers.  I guess the appropriate solution would be to write
a CGI wrapper for the images, which will take some work.  Oh well,
thanks for confirming what I had known and feared.  :-)


-- 
Eugene Lee

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message