asp.net - How can i hide/secure image path? -

-

how can hide/secure image path in asp.net? don't want user see image path directly.

i have googled problem , found following url:

http://www.codeproject.com/kb/web-security/imageobfuscation.aspx

on page suggests changing image path this:

<img id='imagecontrol'         src='showimage.axd?path=<% encryptstring("c:\images\img.ext", page) %>'

but if user copy image src , paste browser domain name show image.

it depends on trying achieve.

if you're trying stop people linking images site, best option extend handler mentioned in question return image if request.referrer own site.

this means if did try , link image via handler, they'd see broken image/no image, wouldn't able request image directly in browsers, etc.

you should include sort of time stamp in encrypted path, , reject requests come long ago - again limit validity of links:

<img id='imagecontrol'       src='showimage.axd?path=<% encryptstring("c:\images\img.ext|" + datetime.now.tostring(), page) %>'

then in handler:

dim pathandtimeenc string = ctx.request.params("path") dim pathandtime string dim path string dim timestamp datetime  pathandtime = common.decryptstring(pathandtimeenc, ctx) dim parts = pathandtime.split("|"c) path = parts(0) timestamp = datetime.parse(parts(1))  dim fivemin timespan = new timestamp(0, 5, 0) if datetime.now.subtract(timestamp) < fivemin   ' return image. end if

if you're trying stop people downloading images you're not going stop more basic internet user - after display image on site, you'll need send copy of client browser.

however, couple of possible options make harder:

  1. ensure images expire immediately, means browser shouldn't keep them locally long - mean none of images cached, , you'll end higher bandwidth useage repeat viewers; if using handler can in code: response.cache.setcacheability(httpcacheability.nocache); response.cache.setexpires(datetime.now);
  2. use css place transparent 1x1px image on top of images on site - way if user right-clicks on image save it, path transparent image rather 1 expecting (flickr does/used this)

at end of day, if put content online, it's hard stop dedicated "thief" taking , using it.


Comments

Post a Comment

Popular posts from this blog

android - Spacing between the stars of a rating bar? -

-
ho can set spacing beween stars? thats ratingbar: ratingbar = (ratingbar) inflater.inflate(r.layout.ratingbar, null); ratingbar.setlayoutparams(new layoutparams(layoutparams.wrap_content, layoutparams.wrap_content)); the layout: <?xml version="1.0" encoding="utf-8"?> <ratingbar xmlns:android="http://schemas.android.com/apk/res/android" style="@style/mystyle" android:layout_alignparentright="true" android:layout_height="19dp" android:layout_width="wrap_content" android:numstars="5"> </ratingbar> the style: <style name="mystyle" parent="@android:style/widget.ratingbar"> <item name="android:progressdrawable">@drawable/android_r2_ratingstar_yellow</item> <item name="android:indeterminatedrawable">@drawable/android_r2_ratingstar_grey</item> </style> thanks, cheers you have
Read more

aspxgridview - Devexpress grid - header filter does not work if column is initially hidden -

-
i'm using devexpress grid , i'm trying 'country' column display header filter properly: <dx:gridviewdatacolumn caption="country" fieldname="countryname" showincustomizationform="true" visible="false"> <settings allowheaderfilter="true"/> </dx:gridviewdatacolumn> if 'country' column set visible='true', header filter displayed should(it shows value option list). however, want 'country' column hidden, available in customization window(like in code above). in case, when column dragged outside customization window , grid , header filter clicked, javascript error encountered: element null element.addeventlistener(eventname, func, true); is known bug? there workarounds? set aspxgridview.settings.showheaderfilterbutton property true resolve problem. the following markup works fine me (i using dxperience 10.1.7): <asp:accessdatasource id="accessda
Read more

c# - How to execute a particular part of code asynchronously in a class -

-
i creating speech recognition engine that's going respond user commands.i have created button enable , disable speech recognition per user convenience.i have used dispose() of speech engine disable speech recoginition.here code private void button1_click(object sender, routedeventargs e) { engineon = !engineon; if (engineon) { speechengine = speech.createspeechengine(); //speech class creates , returns new speech engine. speechengine.audiolevelupdated += new eventhandler<audiolevelupdatedeventargs>(speechengine_audiolevelupdated); // use system's default microphone speechengine.setinputtodefaultaudiodevice(); speechengine.loadgrammar(new dictationgrammar()); // start listening speechengine.recognizeasync(recognizemode.multiple); } else { speechclass.myengine.dispose(); } } but disposal of speech obj
Read more