0

I have swf& images files that can be hotlinked from otherwebsites like in this question How can I use HTTP Referer header to have my swf files viewed only from my website ?

EDIT

My files are hosted at my server, I am not using Amazon S3 service, or other files hosting services.

Community
  • 1
  • 1
simo
  • 23,342
  • 38
  • 121
  • 218

2 Answers2

1

You should assure that referrer link has same domain as yours, like if you have nginx: 

location ~* (\.swf)$ {
    valid_referers blocked mydomain.com www.mydomain.com;
    if ($invalid_referer) ) {
        return 444;
    }
}
Daniil
  • 5,760
  • 5
  • 18
  • 29
  • It's nginx configuration files. This kind of job should be done not in application logic, apache/nginx will do it easier and much faster. – Daniil Dec 30 '12 at 07:02
  • But, I am hosting my app on heroku, I don't know if this is possible – simo Dec 30 '12 at 07:12
0
if request.env['HTTP_REFERER'] =~ /yourdomain\.com\//
  # serve asset
end

Note that nil =~ regex # => nil so you don't need to check if request.env['HTTP_REFERER'] exists first.

Edit:

More about the =~ operator: Object#=~, String#=~, Regex#=~

$ irb
> nil =~ /something/
=> nil
AJcodez
  • 31,780
  • 20
  • 84
  • 118
  • 1
    Can you please point me where to read about the nil =~ regex # => nil ? and the =~ operator ? I need to educate my self about them – simo Dec 31 '12 at 07:50