Quote:
Originally posted by lEricPl
That is not a long term solution.
The rererer can easily be spoofed.
|
So the hot linking website is going to instruct porn hungry users on how to code their own browser to send a spoofed request header? Protecting by http_referer is just fine. Even if the user doesn't send a referrering url you should give them the file. The hot linking website cannot do anything but provide an href.
The only problem with the lavascript setting of the permitting cookie for use with htaccess...is the fact that most TGPs ban lavascript. Using a php for your gallery page to set the cookie would be fine - again, if the tgp allows (maybe this movie gallery isn't even intended for tgps anyway!). Just because you're running a php doesn't mean your content is dynamic...if you want to fake out TGP software you can just use an htaccess to parse .html files with the php engine.
Frankly...I don't see why EVERYONE doesn't use the htaccess method as it is mentioned here. It is freely available, works great, and doesn't waste server resources like *any* other solution. And I can't see any hot linking website going to the trouble of setting an arbitrary cookie just to fake out your htaccess.
__________________
icq5708193
aptgp III -- Build a Blog, an RSS feed, a text TGP, and a thumb TGP all from one installation. Own Comus or AutoGallery? Have APTGP III Installed free for 30 days; no obligations.