Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
08-04-2005, 10:40 AM
|
#1
|
LQ Newbie
Registered: Jan 2005
Posts: 11
Rep:
|
How to prevent Automated download software
I have a web site to support listening music only. But there are some download softwares like Download Accelerator they can integrate to the browser (Internet Explorer) to get the link from web page content and enable users download files.
I did encrypt HTML code but could not.
Do you know how to prevent them by script (Javascript or any)?
Can I use Javascript to check Windows Registry to stop user if find any download program in there? If so how to do?
Thank you,
|
|
|
08-04-2005, 10:45 AM
|
#2
|
LQ Guru
Registered: Nov 2004
Location: San Jose, CA
Distribution: Debian, Arch
Posts: 8,507
Rep:
|
No, javascript cannot access the Windows Registry. And what if they're not using Windows?
If you've placed a file out there for download, they can get it. You could limit the number of requests/hour for a single IP, but that's about it.
|
|
|
08-04-2005, 09:10 PM
|
#3
|
Member
Registered: Jun 2005
Location: Pennsylvania
Distribution: Kubuntu
Posts: 197
Rep:
|
If you let users download the music to their players, they can also redirect it to a file. The way some people try to get around this is by encrypting the payload and having special players that can decrypt it so that in theory, the payload is only useful to the application that can play it (and this app has no save function). In practice, because you are giving control of the decrypting software to someone else (so they can play the music), it only becomes a matter of time before someone reverse engineers the decoder.
|
|
|
08-05-2005, 06:47 PM
|
#4
|
LQ Newbie
Registered: Jan 2005
Posts: 11
Original Poster
Rep:
|
I am using ActiveX of Windows Media Player on the web and disable users look at web content to get URL. But the Automated download software has broken up everything.
You have a good idea about having a own Player like Yahoo!music.
Do you know where to get a player script (Perl or Javascript) that can play WMA or MP3 files?
|
|
|
08-05-2005, 09:15 PM
|
#5
|
LQ Guru
Registered: Nov 2004
Location: San Jose, CA
Distribution: Debian, Arch
Posts: 8,507
Rep:
|
How do you "disable users look at web content"? Do you mean, disable viewing of source? I would hope you are aware that it is impossible to prevent people from viewing the source. Also, do NOT use ActiveX. Any sane windows user will have it disabled (I do on my windows box - if they want me to use ActiveX, I don't want their site) not to mention that mac and linux users are completely out of luck.
|
|
|
08-06-2005, 06:08 AM
|
#6
|
LQ Newbie
Registered: Jan 2005
Posts: 11
Original Poster
Rep:
|
I put the player on a pop-up window with no status, menu, resizeable, address bar.e.t.c. I disabled users using keyboard and right mouse button. It is working now an I dont think people can break it easily, anyway, don't count some high-level Javascript guys
I think of another solution for my case is I will prevent music download from Apache configure (httpd.conf). Following this way, people would not be able to download via the web link like http://mysite/music/file.mp3
The set is (copied from http://www.serverwatch.com):
SetEnvIfNoCase Referer "^ http://mysite/cgi-bin/" local_ref=1
<FilesMatch ".(mp3|wma)">
Order Allow,Deny
Allow from env=local_ref
</FilesMatch>
With the set above, users should never download mp3 file from my local folder if they know the music file URL. They have to be under my Perl script and I would have a change to control their accesses.
Any idea?
|
|
|
08-06-2005, 01:52 PM
|
#7
|
LQ Guru
Registered: Nov 2004
Location: San Jose, CA
Distribution: Debian, Arch
Posts: 8,507
Rep:
|
Well, that's one option. All you can do is make it harder for people. Are you sure Download Accelerators don't send the referer header? I know I could certainly fake one. (i.e., netcat)
|
|
|
08-07-2005, 04:17 AM
|
#8
|
LQ Newbie
Registered: Jan 2005
Posts: 11
Original Poster
Rep:
|
The best way has been found
keep secret..
Last edited by vhh; 08-09-2005 at 05:10 AM.
|
|
|
All times are GMT -5. The time now is 12:46 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|