Archive of UserLand's first discussion group, started October 5, 1998.
Re: Secure Prevention of Deep Linking
Author: Jeremy Bowers Posted: 8/12/1999; 6:19:51 AM Topic: Deep Linking Msg #: 9376 (In response to 9364) Prev/Next: 9375 / 9377
I'm looking at this as a way of protecting media, as in the Universal case, or something similar to that. Bookmarking media is difficult as it is. You'd still be able to bookmark the page on which the media is located, so that's OK.You'd use the CGI script and output the type of content you want to serve via the MIME stuff that you can set.
For HTML pages, referer is enough, I think, this just gives additional security for importent things. As Jim alluded to elsewhere, this is too processor intensive to put on all content.
Options, options, options. No panacea, but lots and lots of simple, effective options. That's the point. To make something that isn't fakeable, as for some [management] people, the possibility that somebody might fake it is enough to still go to court over (which is the point I'm trying to make; there's no need to go to court, shouldn't even be a need percieved). This option has tradeoffs, so does any other. But pretty much any desired security can be obtained, one way or another, or by combining approaches (like CGI+Cookies).
This page was archived on 6/13/2001; 4:51:50 PM.
© Copyright 1998-2001 UserLand Software, Inc.