473,327 Members | 2,071 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,327 software developers and data experts.

protecting images with asp

I read Aaron's article: http://www.aspfaq.com/show.asp?id=2276 re:
protecting images from linked to by other sites. There is a link at the
bottom of that page that references an interesting article about ways of
protecting your images from being downloaded. It was my understanding that
if the client sees it, then it's in the client cache. Am I wrong in this
belief or not?

I took the information in the article and created the .asp that renders one
image vs another depending on the HTTP_REFERER. I also added the no-right
click and turned off the image gallery with the META tag and I put a
transparent gif image over the other image that is inside a span and set to
the background.

One thing I found, which was not mentioned, was that I was able to put the
..asp file loading in the .css file with:
background: url(/images/filename.asp)

I didn't see any references to doing it that particular way. However, I
would like to see if anyone can get past these settings and actually obtain
the image and in what way can it still be done. I would think you could
just pull it out of your browser cache if you really wanted it.

http://kiddanger.com/images/badtest.asp

Another interesting side-effect is that one you track down the .asp file and
try to load it directly, it shows the other image but it also disables
viewing the source from either right-click or from the pull-down menu and if
you then click your back button on your browser, the image size of the
original image is there but it is populated with multiple instances of the
alternate image. Then if you click the refresh button on the toolbar, the
original image returns.

I don't have any other browsers installed. I'm using
IE6.0.2800.1106.xpsp2.030422-1633. I'm wondering what the effects are with
others. I would appreciate feedback from those of you who do have other
browsers installed.

--
Roland

This information is distributed in the hope that it will be useful, but
without any warranty; without even the implied warranty of merchantability o
r fitness for a particular purpose.
-Technet Knowledge Base-
http://support.microsoft.com/default...&ln=EN-US&FR=0
-Technet Script Center-
http://www.microsoft.com/technet/tre...er/default.asp
-WSH 5.6 documentation download-
http://www.microsoft.com/downloads/d...displaylang=en
-MSDN Library-
http://msdn.microsoft.com/library/default.asp
Jul 19 '05 #1
12 2164

"Roland Hall" <nobody@nowhere> wrote in message
news:e1**************@TK2MSFTNGP12.phx.gbl...
I read Aaron's article: http://www.aspfaq.com/show.asp?id=2276 re:
I took the information in the article and created the .asp that renders one image vs another depending on the HTTP_REFERER. I also added the no-right
click and turned off the image gallery with the META tag and I put a
transparent gif image over the other image that is inside a span and set to the background.

No, the point of that article is to prevent hot-linking, not to prevent
people from saving your images. Everyone knows that you can't get around
that. This is to avoid Joe Malicious Bastard Webmaster from using <img
src="http://www.mysite.com/myimage/using/my/bandwidth.jpg">

Ray at work
Jul 19 '05 #2

"Roland Hall" <nobody@nowhere> wrote in message
news:e1**************@TK2MSFTNGP12.phx.gbl...

I didn't see any references to doing it that particular way. However, I
would like to see if anyone can get past these settings and actually obtain the image and in what way can it still be done. I would think you could
just pull it out of your browser cache if you really wanted it.

http://kiddanger.com/images/badtest.asp


Prnt Scrn

Ray at work
Jul 19 '05 #3
"Ray at <%=sLocation%>" wrote:
: "Roland Hall" wrote:
: > I read Aaron's article: http://www.aspfaq.com/show.asp?id=2276 re:
:
: >
: > I took the information in the article and created the .asp that renders
: one
: > image vs another depending on the HTTP_REFERER. I also added the
no-right
: > click and turned off the image gallery with the META tag and I put a
: > transparent gif image over the other image that is inside a span and set
: to
: > the background.
:
:
: No, the point of that article is to prevent hot-linking, not to prevent
: people from saving your images. Everyone knows that you can't get around
: that. This is to avoid Joe Malicious Bastard Webmaster from using <img
: src="http://www.mysite.com/myimage/using/my/bandwidth.jpg">

Yes. I think you missed this part of the first sentence and perhaps I
didn't say it correctly. "protecting images from linked to by other sites."
We are actually in agreement here.

The rest of my post was in ref. to the link at the bottom of the page which
is actually a totally different article.

Roland
Jul 19 '05 #4
"Ray at <%=sLocation%>" wrote:
: "Roland Hall" wrote:

: > I didn't see any references to doing it that particular way. However, I
: > would like to see if anyone can get past these settings and actually
: obtain
: > the image and in what way can it still be done. I would think you could
: > just pull it out of your browser cache if you really wanted it.
: >
: > http://kiddanger.com/images/badtest.asp
:
: Prnt Scrn

Ok, so I still need the watermark.

Is that the only way or is it also available in the browser cache?

Roland
Jul 19 '05 #5

"Roland Hall" <nobody@nowhere> wrote in message
news:Om**************@TK2MSFTNGP12.phx.gbl...

The rest of my post was in ref. to the link at the bottom of the page which is actually a totally different article.


Ah, I see now.

Ray at work
Jul 19 '05 #6

"Roland Hall" <nobody@nowhere> wrote in message
news:un**************@TK2MSFTNGP10.phx.gbl...

Is that the only way or is it also available in the browser cache?


No, it doesn't. Nice!

Ray at work
Jul 19 '05 #7
The point is not to prevent people from *saving* your images. You can't do
that... if the image shows up on my screen, I can do a PrintScreen and save
a copy. I made a half-joke in my article about protecting JavaScript, but
it really is true: if you want to protect your GIFs or JPGs, put them on a
floppy, stuff it into a mason jar, go out to the garden at midnight, and
bury it.

--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/


"Roland Hall" <nobody@nowhere> wrote in message
news:e1**************@TK2MSFTNGP12.phx.gbl...
I read Aaron's article: http://www.aspfaq.com/show.asp?id=2276 re:
protecting images from linked to by other sites. There is a link at the
bottom of that page that references an interesting article about ways of
protecting your images from being downloaded. It was my understanding that if the client sees it, then it's in the client cache. Am I wrong in this
belief or not?

I took the information in the article and created the .asp that renders one image vs another depending on the HTTP_REFERER. I also added the no-right
click and turned off the image gallery with the META tag and I put a
transparent gif image over the other image that is inside a span and set to the background.

One thing I found, which was not mentioned, was that I was able to put the
.asp file loading in the .css file with:
background: url(/images/filename.asp)

I didn't see any references to doing it that particular way. However, I
would like to see if anyone can get past these settings and actually obtain the image and in what way can it still be done. I would think you could
just pull it out of your browser cache if you really wanted it.

http://kiddanger.com/images/badtest.asp

Another interesting side-effect is that one you track down the .asp file and try to load it directly, it shows the other image but it also disables
viewing the source from either right-click or from the pull-down menu and if you then click your back button on your browser, the image size of the
original image is there but it is populated with multiple instances of the
alternate image. Then if you click the refresh button on the toolbar, the
original image returns.

I don't have any other browsers installed. I'm using
IE6.0.2800.1106.xpsp2.030422-1633. I'm wondering what the effects are with others. I would appreciate feedback from those of you who do have other
browsers installed.

--
Roland

This information is distributed in the hope that it will be useful, but
without any warranty; without even the implied warranty of merchantability o r fitness for a particular purpose.
-Technet Knowledge Base-
http://support.microsoft.com/default...&ln=EN-US&FR=0 -Technet Script Center-
http://www.microsoft.com/technet/tre...er/default.asp -WSH 5.6 documentation download-
http://www.microsoft.com/downloads/d...displaylang=en -MSDN Library-
http://msdn.microsoft.com/library/default.asp

Jul 19 '05 #8
"Aaron Bertrand - MVP" wrote:
: The point is not to prevent people from *saving* your images. You can't
do
: that... if the image shows up on my screen, I can do a PrintScreen and
save
: a copy. I made a half-joke in my article about protecting JavaScript, but
: it really is true: if you want to protect your GIFs or JPGs, put them on a
: floppy, stuff it into a mason jar, go out to the garden at midnight, and
: bury it.

I'm all out of mason jars at the moment however, I'm not trying to protect
anything. This is purely academic.
What I meant, although I worded it poorly, was to prevent people from
linking from other sites, displaying the image on their web site and eating
up my bandwidth but again, I don't have any images I'm worried about.

Other than for research or educational purposes, there are roughly two times
I have asked questions in msnews and both went unanswered. One was on
printing with VI6.0 and the other one is an issue I have with favorites
being searched first in IE before trying to resolve the domain on the net.
Obviously they weren't asked in this NG.

--
Roland

This information is distributed in the hope that it will be useful, but
without any warranty; without even the implied warranty of merchantability
or fitness for a particular purpose.
-Technet Knowledge Base-
http://support.microsoft.com/default...&ln=EN-US&FR=0
-Technet Script Center-
http://www.microsoft.com/technet/tre...er/default.asp
-WSH 5.6 documentation download-
http://www.microsoft.com/downloads/d...displaylang=en
-MSDN Library-
http://msdn.microsoft.com/library/default.asp
Jul 19 '05 #9
> Other than for research or educational purposes, there are roughly two
times
I have asked questions in msnews and both went unanswered. One was on
printing with VI6.0 and the other one is an issue I have with favorites
being searched first in IE before trying to resolve the domain on the net.
Obviously they weren't asked in this NG.


Well, hooray! Thanks for the drivel summarizing your history in msnews!

Meanwhile, I'm waiting for your point...

--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/
Jul 19 '05 #10

"Roland Hall" <nobody@nowhere> wrote in message
news:OM**************@tk2msftngp13.phx.gbl...
What I meant, although I worded it poorly, was to prevent people from
linking from other sites, displaying the image on their web site and eating up my bandwidth but again, I don't have any images I'm worried about.


I thought you said you were talking about the stuff at the bottom of the
article with people saving your images, not the hotlinking thing.

Ray at work
Jul 19 '05 #11
> I thought you said you were talking about the stuff at the bottom of the
article with people saving your images, not the hotlinking thing.


In the past 24 hours it seems Roland has been 99% hot air, 1% substance.
I'm sure it'll balance itself out over time.

--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/
Jul 19 '05 #12
In IE go to Tools; Internet Options; General TAB; Settings button; View Files
button. If you can see it, then it is on the client machine and in the client
cache.

Brian
Jul 19 '05 #13

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

24
by: Yang Li Ke | last post by:
Hi guys! Anyone know a way so that users purchasing my scripts would not be able to share them with other people ? Yang
13
by: Fotozine | last post by:
well, after several months of learning, writing and developing my site, (and colecting hunderts of users in few days) one person have "included" my whole site under his domain. in frameset: ...
10
by: simchajoy2000 | last post by:
Hi, I know that it is impossible to completely protect images on websites so that no one can get their hands on them. But there have to be a lot of ways to deter people from stealing images and...
7
by: Ron Gibson | last post by:
Lets say I have a folder members/3/ in this folder are images I have a login page that connects to a database to retrieve user info. After login the user is directed to a page that lists...
1
by: darrel | last post by:
I need to be able to password protect individual pages. For instance: /protected.aspx?id=123 /protected.aspx?id=555 Both would need to be only accessible to two different people (with their...
11
by: sarika | last post by:
Hi all I am making a website related to uploading art pieces. My requirement is to protect art pieces from being saved by any means. I dont want my images to be save in temporary internet...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
1
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.