How do I go about writing an access rule for images & binary data (like zip files, mp3's, wavs, etc.) that will return an access denied message if the HTTP_REFERER header doesn't match value(s) that I define? We're trying to discourage direct-linking to our images on other people's sites, but also need to have the ability to have exceptions, i.e. The image is hosted on somesite.com. Anypage from www.somesite.com, www.anysite.com (which is an affiliate), xyz.somesite.com, etc. can also link to the image. If the image isn't called from those pages, return either an access denied message, or an "Image hosted by somesite.com" image.
You might be able to do it with a 'precondition' - Image has that, it runs the precondiction script first, so you might use it for that. But you would have to do it for every image. Or... better would be to modify Image with a 'corePatch', using the hotfix method to override methods.
From: HoYin Au <hya-zope@bluesite.com> Date: Wed, 09 Jan 2002 02:12:23 -0500 To: zope@zope.org Subject: [Zope] Image Referers
How do I go about writing an access rule for images & binary data (like zip files, mp3's, wavs, etc.) that will return an access denied message if the HTTP_REFERER header doesn't match value(s) that I define? We're trying to discourage direct-linking to our images on other people's sites, but also need to have the ability to have exceptions, i.e.
The image is hosted on somesite.com. Anypage from www.somesite.com, www.anysite.com (which is an affiliate), xyz.somesite.com, etc. can also link to the image. If the image isn't called from those pages, return either an access denied message, or an "Image hosted by somesite.com" image.
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
participants (2)
-
HoYin Au -
marc lindahl