httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chris Meadors <>
Subject Re: [users@httpd] Handler for images in a directory.
Date Tue, 04 Mar 2003 05:27:00 GMT
Garth Winter Webb wrote:

> What exactly do you mean by "dumping it from the drive"?  I still don't
> understand what this CGI is doing and why it makes it harder to get the
> image.  The only possibility I can think of is that your script can
> somehow tell that the image is being requested by a browser that has
> just loaded your popup window as opposed to some guy entering a direct
> URL.

He and I don't want to have to make 400 HTML documents, one for each 
image.  The links all over his site already pop-up windows with the tool 
bars disabled.  But they link directly to the image.  So I need 
something that takes the image link, and returns an HTML document 
instead, that has the image displayed inside it.  This HTML document 
disables the context menu.

> But as stated before, it is simply impossible to show images on a page,
> yet not let people copy those images.  Really all you can hope to do is
> make it *hard enough* so that a certain percentage of your audience will
> give up before succeeding.

I agree, and so does the guy that owns the site.

> Furthermore, this percentage has a ceiling.  At some point, the people
> who continue trying to load your image will give up attacking the CGI
> wall you are building and simply turn their browser cache on, load your
> page and then harvest the disk cache for the image.
> So, the best thing for you to do is make your technique just as much a
> bother as rooting through the disk cache, otherwise its a wasted
> effort.  In my opinion, a popup window without a toolbar and javascript
> to disable right clicking meets that amount of bother.

Exactly what he is doing, except the right clicking was still enabled. 
So each image needed to be wrapped in HTML.

Since all the links where there, and the images were in one directory. 
I thought that Apache's "Action" on the image/jpeg for the directory 
would be nice.  I wrote a quick CGI script that would just output the 
needed HTML and included <img src="/protected-dir/image.jpg">, but 
before I even put it in place I relized that just because the image was 
being loaded in the handler, didn't mean it wouldn't be parsed by the 
handler again.  So I wrote a second cgi script that could be passed a 
URI and it would fetch it from the disk, not through the server, and 
just dump the contents of the file after the propper headers. So it 
ended up looking like <img 

That works but feels too hackish.  I really just wanted one script that 
would do it all, and could use the image's URL internally.

So what I'm thinking now is, have the handler check to see if the 
HTTP_REFERER equals REQUEST_URL, that will mean that the handler has 
called itself, in that case, open the image file, write the Content-type 
header then write the file to the standard out, else write the HTML 
document that has an inline image with the src equal to the REQUEST_URI.


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message