[thelist] Hotlinking prevention

Joshua Olson joshua at waetech.com
Wed May 5 07:35:02 CDT 2004

> -----Original Message-----
> From: Ken Schaefer
> Sent: Wednesday, May 05, 2004 1:31 AM

> Why an ASP page?

Because I'm a minimalist and I'm a lazy coder (which isn't a bad thing
necessarily).  I could've created a VBS file (and executed it with cscript)
just as easily, but I wanted to be able to test my code simply by hitting a
page on the server from my browser.  There's always a dozen ways to solve
almost anything and the choice between them is often made by convenience, as
it was in this case.

> -----Original Message-----
> From: Chris Hayes
> Sent: Wednesday, May 05, 2004 6:13 AM
> If I were a hotlinker, I'd (not so) simply schedule a script to get the
> updated image src.

Any system is hackable.  You could definitely do this scripting, and I would
be very inclined to see such an attempt be made using that page as an

It ultimately comes down to how savvy the hotlinker is at coding.  While
there are always exceptions, I've found that many times hotlinkers are only
savvy enough to cut-n-paste.  A hotlinker that could generate a script to
determine to folder structure and update their own links accordingly could
probably get past just about any prevention system out there, given enough

Could you imagine how much extra effort these savvy hotlinkers would have to
commit to updating their own links if this process because standard
practice?  At some point it would become impractical to even bother.

Joshua Olson
Web Application Engineer
WAE Tech Inc.

More information about the thelist mailing list