|
Home > Archive > IIS Server Security > January 2004 > Want to prevent downloads on specific pages
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Want to prevent downloads on specific pages
|
|
|
| I have a web pages that have graphics of document files
that we sell, and I want to prevent downloads of the
graphics, which are copywrited and could be used to create
the document files.
How do you do that? I'm experienced with NTFS file
permissions, but I'm not sure what settings are required
to allow a read but not a copy.
I have seen this done on other websites, where you
couldn't even right-click, let alone elect a copy or
paste.
I even saw one site that had a pop-up that said "these
materials are copywrited," but when you do a View Source,
there's nothing in the code, which means it must be a
permissions setting.
Thanks,
Matty
| |
| Ken Schaefer 2004-01-24, 2:34 pm |
| I hate to disillusion you, but this isn't possible.
The browser needs to be able to get the image in order to display it to the
user, and once the user has the image on their computer, they can do
whatever they want with it.
You can stop people "right-clicking" on the page, but that doesn't stop them
getting the image out of their local webbrowser cache. Nor, does it stop
people who have disabled Javascript. Nor does it stop people using the
Print-Screen functionality to grab a screen shot of the current Window.
View-source probably shows nothing simply because the webpage has a lot of
empty blank spaces at the top of the page. If you scroll down, you will see
the page source.
Cheers
Ken
"Matty" <anonymous@discussions.microsoft.com> wrote in message
news:321e01c3e2a2$b647bd40$a301280a@phx.gbl...
: I have a web pages that have graphics of document files
: that we sell, and I want to prevent downloads of the
: graphics, which are copywrited and could be used to create
: the document files.
:
: How do you do that? I'm experienced with NTFS file
: permissions, but I'm not sure what settings are required
: to allow a read but not a copy.
:
: I have seen this done on other websites, where you
: couldn't even right-click, let alone elect a copy or
: paste.
:
: I even saw one site that had a pop-up that said "these
: materials are copywrited," but when you do a View Source,
: there's nothing in the code, which means it must be a
: permissions setting.
:
: Thanks,
: Matty
| |
| David Wang [Msft] 2004-01-25, 10:34 pm |
| What I have seen is that IE would prevent "View Source" from working within
itself. Though, as Ken notes, these are all cosmetic measures. The fact
that the remote user is able to browse your website means that you've handed
the graphics/text over the network to the browser and that the remote user
has your data. Even if the browser doesn't hand it to you, someone can
sniff the network traffic or plug a proxy in front of IE and reconstruct the
data.
DRM (Digital Rights Management) is a proposed mechanism that allows you to
define what someone can do with your data after they download it (such as
copy, print, save, etc). But, that's still all nascent technology, and
there's lots of hurdles to overcome (technological, societal, psychological,
etc) before it's possible.
So, the short answer -- for the foreseeable future, what you are asking is
impossible. Copyrighted data available for download without some form of
DRM is an oxymoron...
--
//David
IIS
This posting is provided "AS IS" with no warranties, and confers no rights.
//
"Ken Schaefer" <kenREMOVE@THISadOpenStatic.com> wrote in message
news:u7wq4gv4DHA.1636@TK2MSFTNGP12.phx.gbl...
I hate to disillusion you, but this isn't possible.
The browser needs to be able to get the image in order to display it to the
user, and once the user has the image on their computer, they can do
whatever they want with it.
You can stop people "right-clicking" on the page, but that doesn't stop them
getting the image out of their local webbrowser cache. Nor, does it stop
people who have disabled Javascript. Nor does it stop people using the
Print-Screen functionality to grab a screen shot of the current Window.
View-source probably shows nothing simply because the webpage has a lot of
empty blank spaces at the top of the page. If you scroll down, you will see
the page source.
Cheers
Ken
"Matty" <anonymous@discussions.microsoft.com> wrote in message
news:321e01c3e2a2$b647bd40$a301280a@phx.gbl...
: I have a web pages that have graphics of document files
: that we sell, and I want to prevent downloads of the
: graphics, which are copywrited and could be used to create
: the document files.
:
: How do you do that? I'm experienced with NTFS file
: permissions, but I'm not sure what settings are required
: to allow a read but not a copy.
:
: I have seen this done on other websites, where you
: couldn't even right-click, let alone elect a copy or
: paste.
:
: I even saw one site that had a pop-up that said "these
: materials are copywrited," but when you do a View Source,
: there's nothing in the code, which means it must be a
: permissions setting.
:
: Thanks,
: Matty
| |
| =?Utf-8?B?d2VibWVpc3Rlcg==?= 2004-01-27, 2:35 am |
| I would only publish a small graphic icons from the documents you are selling or only show a small part of the document. Print a copyright message on each graphic.
Regards,
Thomas Bruehlmann
http://www.webmeister.ch - intranets quick and easy
|
|
|
|
|