On Mon, May 4, 2009 at 6:03 AM, Andre-John Mas wrote:
> I have seen some site block images from being loaded if the referrer is not
> the site in question. I don't know if this is possible with Tomcat?
Easily done with a Filter, except that:
1) The referrer header is not required by the spec.
2
On 19-Apr-2009, at 12:22, Graeme Kidd wrote:
Thanks André,
urlrewrite seems a suficiant solution for now as I only want to
block people if they try and acess the file from outside my domain.
If my understanding is correct blocking by IP although harder to
fake would prevent them no matt
Thanks André,
urlrewrite seems a suficiant solution for now as I only want to block people if
they try and acess the file from outside my domain. If my understanding is
correct blocking by IP although harder to fake would prevent them no matter
what.
There is an example given in the urlrewri
On Sun, Apr 19, 2009 at 7:37 AM, André Warnier wrote:
> But basing the acceptance or rejection on a HTTP request header sent by the
> browser is not absolutely secure, in the sense that this can easily be faked
> using any HTTP client agent such as wget, curl, lwp-request etc..
True. But it seem
David Smith wrote:
I think you got it right the first time. The OP wants to make sure the
referrer header is present and starts with http://www.mydomain.com as
opposed to http://www.anotherdomain.com. It'll help prevent other sites
from linking directly to resources on the OP's site.
Basic
I think you got it right the first time. The OP wants to make sure
the referrer header is present and starts with http://www.mydomain.com
as opposed to http://www.anotherdomain.com. It'll help prevent other
sites from linking directly to resources on the OP's site.
-- David
On Apr 19, 20
Graeme-
if I interpret the requirement correctly you need some manner of rewriting the
URL?
with Tomcat you can use URLRewrite available from tuckey
http://tuckey.org/urlrewrite/
anyone?
Martin
__
Disclaimer and Confidentiality/Verzicht und Vertrau
André Warnier wrote:
Graeme Kidd wrote:
Hi,
Is there a way to configure tomcat to prevent some one from
downloading a file I host when they are not within my domain?
You may want to have a look here :
http://tuckey.org/urlrewrite/
It's a bit like the Swiss Army knife for this kind of thing
Graeme Kidd wrote:
Hi,
Is there a way to configure tomcat to prevent some one from downloading a file I host when they are not within my domain?
You may want to have a look here :
http://tuckey.org/urlrewrite/
It's a bit like the Swiss Army knife for this kind of thing.
You would normally do
