CopySafe Web Return to index  
2.5 Page protection tips

Protecting non-image files


Although CopySafe Web was designed to protect images by encrypting them and displaying them in our security applet, with careful coding CopySafe Web Insert can be used to protect almost all content that can be displayed on a web page.

Protecting normal pages within a frameset

A frameset is a page arrangement that enables several pages to be displayed in the same browser window. By using a small CopySafe Web applet within the static page (such as the header or menu page for the frameset) you can protect all other normal pages opening in that frameset. To use frameset protection please observe the following:

  • Firstly, disabling any of the security functions with the csi options is NOT recommended with frameset use at all.
  • Each page belonging to the frameset needs to be protected from opening outside the frameset by using a JavaScript. Add the insert tag to your page header tags and then add the following line to the body tag where the page link is that of the frameset itself: onLoad="tmt_backtoframe('index.html')"
  • All links given from the frameset pages must be targeted to the respective frame names.
  • All links given for pages outside the frameset must use target=_top.
Protecting from direct linking (referrer method)

Allowing visitors to bookmark your protected pages and return by using a direct link (and not from a link within your web site) is not recommended. There are many ways to ensure that this doesn't happen depending on the script format supported by your web site. For example if using FrontPage, which supports ASP, you could use the following code:

Dim strCheckReferrer
strCheckReferrer = Request.ServerVariables("HTTP_REFERER")
If strCheckReferrer <> "" then
         Response.write""
         Else
         Response.redirect"/protected_index.asp"
End if

Above is the ASP is checking for a referrer. If they are using a bookmark there will be no referrer and they will be redirected to your index page. If you want to further protect to ensure that they are not following a link from a forum or another page outside of your web site you could use the following code:

Dim strCheckReferrer
strCheckReferrer = Request.ServerVariables("HTTP_REFERER")
If strCheckReferrer <> "" then
       dim AA, BB
       AA = Lcase(strCheckReferrer)
        BB = "mysite.com"
        if InStr(1,AA,BB,0)>0 then
               Response.Write""
               else
               Response.redirect"/protected_index.asp"
       end if
end if

The script above is checking that the referrer is your web site ensuring that they have accessed the protected page from a link from within your web site. For this to work properly the referrer has already been converted to lower case, so what you write in as your site for BB should be lower case also. Note that the FrontPage web page must be named as an ASP page, for example "exhibit_1.asp"

Protecting from direct linking (session method)

You can also protect direct linking by checking for a session ID (no cookie required). Then on the protected page, check their current session ID against the one used in the link. If they don't match then that means that the link came in from a bookmark or a direct link posted on a forum. If you don't want to allow direct links you can then redirect to the index or an error page. On the top of the protected page you can use ASP like:

Dim mySessionID, mySessionCheck
mySessionID = Session.SessionID
mySessionCheck = request("t")
if mySessionCheck <> mySessionID then
       response.redirect"index.asp?err=direct"
end if

The err can be loaded as a request field and scripted with a custom message. On your index page you can then use links like:

<a href="page.asp?t=<%= mySessionID %>"> LINK</a>
Copyright © 1998-2017 ArtistScope. All Rights Reserved.