Perl is my friend.
With that said, if you read the last (NewsMay103) news entry, you should understand what I'm talking about.
I took a few hours yesterday to permanently fix the unauthorized linking problem...with the help of Perl. I don't really know Perl, so it was challenging. But, I had a few examples of scripts which did things similar to what I wanted...and also a book which included stuff on how to check referrals and do stuff that way.
Needless to say, there are some changes/enhancements I'd like to make to my script, but for the time being (and even after those enhancements are made), it does the following:
- Allows me to 'protect' images from being linked only from pages I approve,
- Works 'transparently' (e.g. no user interaction),
- Doesn't 'give out' the actual URL to an image (looking at the source of a fully-loaded page reveals only the URLpath for the script query (the 'booby trap' part),
- Displays the correct image if authorized,
- Displays a little blue sad face (emoticon -- ) and not the expected image if linked from an unauthorized source.
I was trying to think of a crafty way to get my message across. I wasn't a big fan of creating an image with text, mostly due to bandwidth issues. I needed something simple, yet got the point across. The sad face just seemed the answer. Of course, I've got the script written so it's customizeable which image is referred if linked from an unauthorized place.
After I got the script working on an acceptable level, I immediately implemented it on my Monty Python site (where I was having all the problems in the first place). Upon doing so, I also moved/removed the existing images to a new, semi-hidden (e.g. different) directory. This means that almost every '404' error for those images which shows up in the logfiles now is from these unauthorized referrals...
Initial tests are proving very successful. Transparently, this 'feature' is allowing every visitor to the Python site view these images, but not allowing anyone else to view them without loading the source page. This is the behavior I'm going for. If someone wants to use one of the Python images somewhere (because they're not my copyright, nor do I claim that) that's fine -- I just don't want them to ungratefully use my bandwidth for it.
This post was upgraded to the MZ Online Blog on 8/20/07