By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
428,659 Members | 940 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 428,659 IT Pros & Developers. It's quick & easy.

protecting images with asp

P: n/a
I read Aaron's article: http://www.aspfaq.com/show.asp?id=2276 re:
protecting images from linked to by other sites. There is a link at the
bottom of that page that references an interesting article about ways of
protecting your images from being downloaded. It was my understanding that
if the client sees it, then it's in the client cache. Am I wrong in this
belief or not?

I took the information in the article and created the .asp that renders one
image vs another depending on the HTTP_REFERER. I also added the no-right
click and turned off the image gallery with the META tag and I put a
transparent gif image over the other image that is inside a span and set to
the background.

One thing I found, which was not mentioned, was that I was able to put the
..asp file loading in the .css file with:
background: url(/images/filename.asp)

I didn't see any references to doing it that particular way. However, I
would like to see if anyone can get past these settings and actually obtain
the image and in what way can it still be done. I would think you could
just pull it out of your browser cache if you really wanted it.

http://kiddanger.com/images/badtest.asp

Another interesting side-effect is that one you track down the .asp file and
try to load it directly, it shows the other image but it also disables
viewing the source from either right-click or from the pull-down menu and if
you then click your back button on your browser, the image size of the
original image is there but it is populated with multiple instances of the
alternate image. Then if you click the refresh button on the toolbar, the
original image returns.

I don't have any other browsers installed. I'm using
IE6.0.2800.1106.xpsp2.030422-1633. I'm wondering what the effects are with
others. I would appreciate feedback from those of you who do have other
browsers installed.

--
Roland

This information is distributed in the hope that it will be useful, but
without any warranty; without even the implied warranty of merchantability o
r fitness for a particular purpose.
-Technet Knowledge Base-
http://support.microsoft.com/default...&ln=EN-US&FR=0
-Technet Script Center-
http://www.microsoft.com/technet/tre...er/default.asp
-WSH 5.6 documentation download-
http://www.microsoft.com/downloads/d...displaylang=en
-MSDN Library-
http://msdn.microsoft.com/library/default.asp
Jul 19 '05 #1
Share this Question
Share on Google+
12 Replies


P: n/a

"Roland Hall" <nobody@nowhere> wrote in message
news:e1**************@TK2MSFTNGP12.phx.gbl...
I read Aaron's article: http://www.aspfaq.com/show.asp?id=2276 re:
I took the information in the article and created the .asp that renders one image vs another depending on the HTTP_REFERER. I also added the no-right
click and turned off the image gallery with the META tag and I put a
transparent gif image over the other image that is inside a span and set to the background.

No, the point of that article is to prevent hot-linking, not to prevent
people from saving your images. Everyone knows that you can't get around
that. This is to avoid Joe Malicious Bastard Webmaster from using <img
src="http://www.mysite.com/myimage/using/my/bandwidth.jpg">

Ray at work
Jul 19 '05 #2

P: n/a

"Roland Hall" <nobody@nowhere> wrote in message
news:e1**************@TK2MSFTNGP12.phx.gbl...

I didn't see any references to doing it that particular way. However, I
would like to see if anyone can get past these settings and actually obtain the image and in what way can it still be done. I would think you could
just pull it out of your browser cache if you really wanted it.

http://kiddanger.com/images/badtest.asp


Prnt Scrn

Ray at work
Jul 19 '05 #3

P: n/a
"Ray at <%=sLocation%>" wrote:
: "Roland Hall" wrote:
: > I read Aaron's article: http://www.aspfaq.com/show.asp?id=2276 re:
:
: >
: > I took the information in the article and created the .asp that renders
: one
: > image vs another depending on the HTTP_REFERER. I also added the
no-right
: > click and turned off the image gallery with the META tag and I put a
: > transparent gif image over the other image that is inside a span and set
: to
: > the background.
:
:
: No, the point of that article is to prevent hot-linking, not to prevent
: people from saving your images. Everyone knows that you can't get around
: that. This is to avoid Joe Malicious Bastard Webmaster from using <img
: src="http://www.mysite.com/myimage/using/my/bandwidth.jpg">

Yes. I think you missed this part of the first sentence and perhaps I
didn't say it correctly. "protecting images from linked to by other sites."
We are actually in agreement here.

The rest of my post was in ref. to the link at the bottom of the page which
is actually a totally different article.

Roland
Jul 19 '05 #4

P: n/a
"Ray at <%=sLocation%>" wrote:
: "Roland Hall" wrote:

: > I didn't see any references to doing it that particular way. However, I
: > would like to see if anyone can get past these settings and actually
: obtain
: > the image and in what way can it still be done. I would think you could
: > just pull it out of your browser cache if you really wanted it.
: >
: > http://kiddanger.com/images/badtest.asp
:
: Prnt Scrn

Ok, so I still need the watermark.

Is that the only way or is it also available in the browser cache?

Roland
Jul 19 '05 #5

P: n/a

"Roland Hall" <nobody@nowhere> wrote in message
news:Om**************@TK2MSFTNGP12.phx.gbl...

The rest of my post was in ref. to the link at the bottom of the page which is actually a totally different article.


Ah, I see now.

Ray at work
Jul 19 '05 #6

P: n/a

"Roland Hall" <nobody@nowhere> wrote in message
news:un**************@TK2MSFTNGP10.phx.gbl...

Is that the only way or is it also available in the browser cache?


No, it doesn't. Nice!

Ray at work
Jul 19 '05 #7

P: n/a
The point is not to prevent people from *saving* your images. You can't do
that... if the image shows up on my screen, I can do a PrintScreen and save
a copy. I made a half-joke in my article about protecting JavaScript, but
it really is true: if you want to protect your GIFs or JPGs, put them on a
floppy, stuff it into a mason jar, go out to the garden at midnight, and
bury it.

--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/


"Roland Hall" <nobody@nowhere> wrote in message
news:e1**************@TK2MSFTNGP12.phx.gbl...
I read Aaron's article: http://www.aspfaq.com/show.asp?id=2276 re:
protecting images from linked to by other sites. There is a link at the
bottom of that page that references an interesting article about ways of
protecting your images from being downloaded. It was my understanding that if the client sees it, then it's in the client cache. Am I wrong in this
belief or not?

I took the information in the article and created the .asp that renders one image vs another depending on the HTTP_REFERER. I also added the no-right
click and turned off the image gallery with the META tag and I put a
transparent gif image over the other image that is inside a span and set to the background.

One thing I found, which was not mentioned, was that I was able to put the
.asp file loading in the .css file with:
background: url(/images/filename.asp)

I didn't see any references to doing it that particular way. However, I
would like to see if anyone can get past these settings and actually obtain the image and in what way can it still be done. I would think you could
just pull it out of your browser cache if you really wanted it.

http://kiddanger.com/images/badtest.asp

Another interesting side-effect is that one you track down the .asp file and try to load it directly, it shows the other image but it also disables
viewing the source from either right-click or from the pull-down menu and if you then click your back button on your browser, the image size of the
original image is there but it is populated with multiple instances of the
alternate image. Then if you click the refresh button on the toolbar, the
original image returns.

I don't have any other browsers installed. I'm using
IE6.0.2800.1106.xpsp2.030422-1633. I'm wondering what the effects are with others. I would appreciate feedback from those of you who do have other
browsers installed.

--
Roland

This information is distributed in the hope that it will be useful, but
without any warranty; without even the implied warranty of merchantability o r fitness for a particular purpose.
-Technet Knowledge Base-
http://support.microsoft.com/default...&ln=EN-US&FR=0 -Technet Script Center-
http://www.microsoft.com/technet/tre...er/default.asp -WSH 5.6 documentation download-
http://www.microsoft.com/downloads/d...displaylang=en -MSDN Library-
http://msdn.microsoft.com/library/default.asp

Jul 19 '05 #8

P: n/a
"Aaron Bertrand - MVP" wrote:
: The point is not to prevent people from *saving* your images. You can't
do
: that... if the image shows up on my screen, I can do a PrintScreen and
save
: a copy. I made a half-joke in my article about protecting JavaScript, but
: it really is true: if you want to protect your GIFs or JPGs, put them on a
: floppy, stuff it into a mason jar, go out to the garden at midnight, and
: bury it.

I'm all out of mason jars at the moment however, I'm not trying to protect
anything. This is purely academic.
What I meant, although I worded it poorly, was to prevent people from
linking from other sites, displaying the image on their web site and eating
up my bandwidth but again, I don't have any images I'm worried about.

Other than for research or educational purposes, there are roughly two times
I have asked questions in msnews and both went unanswered. One was on
printing with VI6.0 and the other one is an issue I have with favorites
being searched first in IE before trying to resolve the domain on the net.
Obviously they weren't asked in this NG.

--
Roland

This information is distributed in the hope that it will be useful, but
without any warranty; without even the implied warranty of merchantability
or fitness for a particular purpose.
-Technet Knowledge Base-
http://support.microsoft.com/default...&ln=EN-US&FR=0
-Technet Script Center-
http://www.microsoft.com/technet/tre...er/default.asp
-WSH 5.6 documentation download-
http://www.microsoft.com/downloads/d...displaylang=en
-MSDN Library-
http://msdn.microsoft.com/library/default.asp
Jul 19 '05 #9

P: n/a
> Other than for research or educational purposes, there are roughly two
times
I have asked questions in msnews and both went unanswered. One was on
printing with VI6.0 and the other one is an issue I have with favorites
being searched first in IE before trying to resolve the domain on the net.
Obviously they weren't asked in this NG.


Well, hooray! Thanks for the drivel summarizing your history in msnews!

Meanwhile, I'm waiting for your point...

--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/
Jul 19 '05 #10

P: n/a

"Roland Hall" <nobody@nowhere> wrote in message
news:OM**************@tk2msftngp13.phx.gbl...
What I meant, although I worded it poorly, was to prevent people from
linking from other sites, displaying the image on their web site and eating up my bandwidth but again, I don't have any images I'm worried about.


I thought you said you were talking about the stuff at the bottom of the
article with people saving your images, not the hotlinking thing.

Ray at work
Jul 19 '05 #11

P: n/a
> I thought you said you were talking about the stuff at the bottom of the
article with people saving your images, not the hotlinking thing.


In the past 24 hours it seems Roland has been 99% hot air, 1% substance.
I'm sure it'll balance itself out over time.

--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/
Jul 19 '05 #12

P: n/a
In IE go to Tools; Internet Options; General TAB; Settings button; View Files
button. If you can see it, then it is on the client machine and in the client
cache.

Brian
Jul 19 '05 #13

This discussion thread is closed

Replies have been disabled for this discussion.