Instead of checking the entire referrer, why don' you just check the domain
it came from. Regardless of how you have your search set up, you should know
what domain(s) the valid searches are coming from. Check the domain and send
an error back if not coming from the correct place.
In addition, find out who has pointed their search to your code and go after
them. If you know thet these requests are coming from servers other than
yours you should be able to easily determine where they are coming from.
-----Original Message-----
From: Milo D. Strawn [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 31, 2001 6:34 PM
To: [EMAIL PROTECTED]
Subject: RE: Protecting your code from theft
I could probably verify the referrer, but I would only be able to do that
after I knew that they had set up the search pages. What I really need is
a way to keep anyone from doing it even if I don't know who they are or
that they are trying to search using our templates.
Thanks,
Milo
At 06:15 PM 1/31/01 -0600, you wrote:
>Could you do something like verify the referer?
>
>-derek
>
>
>-----Original Message-----
>From: Milo D. Strawn [mailto:[EMAIL PROTECTED]]
>Sent: Wednesday, January 31, 2001 6:10 PM
>To: [EMAIL PROTECTED]
>Subject: Protecting your code from theft
>
>
>I have recently become aware that there are some websites out there that
>are setting up search pages that are calling results templates on our
>server. We obviously do not want this to happen. Apparently they found
>our search pages, copied the code and made their own search pages.
>
>I have two questions, that may be pretty basic, but I have never run across
>this problem before.
>
>1) How do you block your html pages from being able to view the source and
>steal the code in the first place? Is there a meta tag or something that
>will disallow the View Source option?
>2) What is the best procedure for blocking someone from calling a template
>on your server?
>
>Password protecting the site is not an option, as the searches are for
>public information. So why, you say, do I want to block them. Because we
>want and need control over where traffic is coming into our site.
>
>Again, this may be pretty simple and I may be overlooking the obvious here,
>but I am in kind of a crunch on this problem.
>
>TIA for any help.
>
>Milo
>
>
>
>-------------------------------------------------------------------------
>This email server is running an evaluation copy of the MailShield anti-
>spam software. Please contact your email administrator if you have any
>questions about this message. MailShield product info: www.mailshield.com
>
>-----------------------------------------------
>To post, send email to [EMAIL PROTECTED]
>To subscribe / unsubscribe: http://www.dfwcfug.org
>
>-------------------------------------------------------------------------
>This email server is running an evaluation copy of the MailShield anti-
>spam software. Please contact your email administrator if you have any
>questions about this message. MailShield product info: www.mailshield.com
>
>-----------------------------------------------
>To post, send email to [EMAIL PROTECTED]
>To subscribe / unsubscribe: http://www.dfwcfug.org
>
-------------------------------------------------------------------------
This email server is running an evaluation copy of the MailShield anti-
spam software. Please contact your email administrator if you have any
questions about this message. MailShield product info: www.mailshield.com
-----------------------------------------------
To post, send email to [EMAIL PROTECTED]
To subscribe / unsubscribe: http://www.dfwcfug.org
-------------------------------------------------------------------------
This email server is running an evaluation copy of the MailShield anti-
spam software. Please contact your email administrator if you have any
questions about this message. MailShield product info: www.mailshield.com
-----------------------------------------------
To post, send email to [EMAIL PROTECTED]
To subscribe / unsubscribe: http://www.dfwcfug.org
