David kerber wrote:
Caldarale, Charles R wrote:
From: André Warnier [mailto:a...@ice-sa.com]
Subject: Re: Secured photo rendering

But it should not, if the server sends the image with the appropriate
"no caching" and/or "expires" HTTP headers.

The headers don't matter, since the client has the image in hand. Browsers, for example, allow a right-click to save the image, regardless of the caching state.

I've seen javascript used to prevent right-clicking to save the image, but nothing can prevent them from taking a screen shot.



Now how one would set such headers easily in Tomcat for static
documents, that I don't know.

Filters - but it won't help.

Ok guys, I may have misunderstood the issue.
I agree that nothing will help, to stop a client doing anything it wants with anything that your server has already sent to it. That's a basic truth for anything www-wise (which hasn't stopped people spending fortunes to try and prove the opposite). But I (mis?-)understood the issue as being that the OP wanted to force browsers to reload some images from the server each time, and not use a (possibly stale) cached copy.
In that case, the HTTP headers should help.
Of course, only with well-behaved browsers.
But hey, even IE is getting better with time.



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to