4

I think the answer to this is no, but ideally I would like to be able to allow image hotlinking, but redirect regular links. For example, if somebody uses this, it should work as expected:

<img src='http://mysite.com/image.jpg'/>

But if they use this, it would redirect to a different page upon visiting:

<a href='http://mysite.com/image.jpg'>Click Here</a>

I believe $HTTP_REFERER is the same, regardless of the two methods. Is there any other clever way to distinguish between the two?

Jake
  • 4,014
  • 8
  • 36
  • 54
  • Not an answer as such, but very related information on a technique to stop people embedding your images, while allowing them to link to your images, showing a different page. With a bit of tweaking, I think you could accomplish your requirements. [http://www.alistapart.com/articles/hotlinking/](http://www.alistapart.com/articles/hotlinking/) – John May 08 '12 at 20:19
  • Unfortunately, that method won't work because the way it disallows hotlinking is that it just breaks the image by virtue of the link sending HTML headers. I need the image to send image headers when hotlinked so that the image is embedded. – Jake May 08 '12 at 20:26
  • Yeah, was thinking it through over dinner and realised it only works by preventing hotlinking from non whitelisted referers. – John May 08 '12 at 20:29
  • You absolutely need to do it with an htaccess? – Pier-Alexandre Bouchard May 08 '12 at 20:35
  • 1
    After more thought, I'm inclined to agree that this can't be done, at least not sensibly. A not-so-sensible solution (depending on the volume of requests involved), would be to rewrite all image requests from a referer other than your own to a script which scrapes the referring page to determine whether it came via an a tag or an img tag and deal with it appropriately (and caching the result so you don't have to scrape the next time) EDIT: a more sensible compromise might be to rewrite requests from referers other than your own site to a watermarked version of the image. – John May 08 '12 at 20:56
  • @John - That's not a bad idea, re: watermarks. Thanks. – Jake May 08 '12 at 21:55

1 Answers1

2

Many browsers send different Accpet: header in these two situations.

When requesting resource from <img src="xxx">:

Accept: */*

When requesting the url in address bar:

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
mateusza
  • 5,341
  • 2
  • 24
  • 20
  • Typo: "Accpet". Also, "header" should probably be pluralized. (SO won't allow correction edits of less than 6 characters.) – Jacob C. Mar 19 '19 at 16:50