David kerber wrote:
Caldarale, Charles R wrote:
From: André Warnier [mailto:a...@ice-sa.com]
Subject: Re: Secured photo rendering
But it should not, if the server sends the image with the appropriate
"no caching" and/or "expires" HTTP headers.
The headers don't matter, since the client has the image in hand.
Browsers, for example, allow a right-click to save the image,
regardless of the caching state.
I've seen javascript used to prevent right-clicking to save the image,
but nothing can prevent them from taking a screen shot.
Now how one would set such headers easily in Tomcat for static
documents, that I don't know.
Filters - but it won't help.
Ok guys, I may have misunderstood the issue.
I agree that nothing will help, to stop a client doing anything it wants
with anything that your server has already sent to it.
That's a basic truth for anything www-wise (which hasn't stopped people
spending fortunes to try and prove the opposite).
But I (mis?-)understood the issue as being that the OP wanted to force
browsers to reload some images from the server each time, and not use a
(possibly stale) cached copy.
In that case, the HTTP headers should help.
Of course, only with well-behaved browsers.
But hey, even IE is getting better with time.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org