Just wondering how does Flickr prevent people from downloading images from its site? What are they using?
+17
A:
Transparent .gif over the image. You can still download the actual image by viewing the HTML source and finding the image's actual URL.
For example, a random image: http://www.flickr.com/photos/34285128@N00/4300352607/
<img style="position:absolute;top:0px;left:0px;display:block" src="http://l.yimg.com/g/images/spaceball.gif" alt="" width="500" height="366">
That's the transparent image on top.
<img src="http://farm5.static.flickr.com/4057/4300352607_edcc5a4a9e.jpg" alt="Say It With Flowers by *sido* (back in a few days)." title="" width="500" height="366" class="reflect">
That's the actual image, which is displayed below spaceball.gif.
Corey
2010-01-24 23:44:04
Of course, anyone with a little bit of experience can circumvent this in 10 seconds if they want the image.
alex
2010-01-25 00:43:07
A:
Not to thread dump, but conceptually if you are really trying to lock out downloading an image, you could (i think). Using a framework like asp.net mvc, you could tag the image with a unique key, storing the key either in memory or some other form of persistence and pass it down to the client with the id as the filename. On the returning end, upon request for the file, you could intercept the request for the image and perform a lookup on the key matching it to the actual file. Once you have the file, you return the image as a custom result with the appropriate meta tags (at least in mvc, not sure how you'd do it elsewhere). Before you return it though, you flag the result as being viewed.
It would be a great deal of work on the server, but it would require a great deal of effort for anyone to snag the image if you utilized Flickr's transparent gif technique in conjunction with it.
The idea being that a single request would be issued on a normal view and any further attempts to view the image directly (by viewing source and grabbing the url) would be blocked.
<./threadump>
Sorry, just had the idea and wanted to add it to the already answered question (sleep deprevation and all that jazz).
Chance
2010-01-26 01:50:56
Any client (or plugin) that does not respect caching rules will still allow you to pick up the files from the cache. Failing that, any proxy with a caching or mirror function can save all the files that come down. If you can eventually see the file, you can save it, one way or the other.
jsoverson
2010-01-26 02:06:04
@jsoverson - right, there is no way you could completely block out saving the file. Even though the caching on the proxy would be mute (as each request for the file would have a unique filename), the file is still being received by your machine and thus is savable via cache. It isn't a 100% resistant solution, but I think the approach is still solid for the majority of scenarios. The alternative being a flash/SL app that displayed the image via a remote request to the server with session information.
Chance
2010-01-26 18:09:39