 | | | More DCR "theft " naughtiness | More DCR "theft " naughtiness 2003-12-11 - By duck
Back
Hi Guys,
Some new developments in the continuing saga of preventing DCRs from being
copied/framed/popped up by other sites. I don't believe that this trick has
been addressed before, and so may be of interest (specifcally to Barry with
his document that he said he was writing up!).
Currently, in order to prevent the dcr from being embedded by external
sites, I check the "src" externalParam, and make sure it does not begin
with "http", thus only allowing the dcr to be linked to locally from my own
site.
However - it appears to still be possible to embed dcrs remotely, even if
this check is performed, because of the html tag <BASE>
http://www.faqs.org/docs/htmltut/linking/_BASE.html
This tag is specifically designed to tell the browser to pretend that the
page is being loaded from some other (remote) site, and so allows
local-style links in the HTML source that actually link to remote files on
the server specified in the BASE tag.
I was tipped off that a site was popping up my game, and discovered that it
was using this technique. It's still there at the moment:
http://www.mofunzone.com/games/snowfight.shtml
Check out the source of the pop-up window. They've actually just copied my
own page source, and just added the <BASE> tag.
(To view the source of their pop-up window, you may need to Ctrl-N while in
the pop-up to open a duplicate in a window that has a menu bar)
Any ideas how to detect and prevent this method?
- Ben
__ ____ ____ ____
ben@(protected)
www.robotduck.com
__ ____ ____ ____ ____ ____ ____ ____ ____ ____
dirGames-L mailing list - dirGames-L@(protected)
http://nuttybar.drama.uga.edu/mailman/listinfo/dirgames-l
Earn $52 per hosting referral at Lunarpages.
|
|
|