- Quick start
- Working with HotlinkBlocker
- Product information
REDIRECT protection type
This protection method may be used to protect embedded content like PDF files
or Flash movies if the LINK protection method is not an option.
REDIRECT protection method check HTTP referrer value just like REFERER protection but when check is passed instead of simply allowing access to the file it issues a redirect to a temporary signed link. Then it operates like a LINK protection method by validating a signature and timestamp. So all embedded applications that usually don’t set HTTP referrer header uses this signed link to work.
Here is more detailed explanation. In ordinary REFERER protection HotlinkBlocker expect referrer header to be present in the media request and reject all illegal referrer values. Browsers usually send referer header for the most content, but media files are served by a third party applications and not by a browser directly. These applications does not send referer information to the server. REDIRECT protection is based on a fact that browser do not know anything about the content-type of the resource before it actually make a request to the server. If you have a link to the media file, first request is always made by a browser itself and thus will contain referer information. But after browser recognizes content-type as a media file it starts a third party application and transfers link to it. On this stage referrer is lost. HotlinkBlocker redirects first browser request that contain initial referer to the signed link, so after refferer is dropped the link will still be valid because it is signed.
The advantage of this method is it does not require you to edit anything on your site unlike the LINK protection method. Simply set protection directory and apply. Disadvantage is that it still rely on HTTP referer header in initial request while LINK protection is free of this limitation. Some network firewalls may still remove referrer information from the client's requests so the LINK protection will be the only alternative in such situation.
|© 2002 - 2007 Helicon Tech. All rights reserved.|