httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eugene Lee <>
Subject Re: [users@httpd] preventing image theft
Date Fri, 04 Jun 2004 11:13:42 GMT
On Thu, Jun 03, 2004 at 07:27:10PM +0200, Robert Andersson wrote:
: Eugene Lee wrote:
: >
: > Almost every article out there that deals with image theft uses the
: > Referer header.  The main problem with this method is that the Referer
: > information may be stripped automatically on users' machines that have
: > some kind of draconian 3rd-party firewall product.  Any suggestions on
: > how to deal with users with missing Referer headers are appreciated.
: Only deny when the request includes a Referer header, and when it is wrong.
: Allow otherwise. That won't stop all, but most, which should be your goal.

Rats.  I was hoping for a better solution that dealt with missing
Referer headers.  I guess the appropriate solution would be to write
a CGI wrapper for the images, which will take some work.  Oh well,
thanks for confirming what I had known and feared.  :-)

Eugene Lee

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message