CopySafe Web Return to index  

9.5 The ArtistScope Web Browser

About the ArtistScope browser

The ArtistScope Web Browser provides the most secure web view scenario on the planet when used to display pages delivered from an ASPS server. Web servers running the ASPS filter encrypt web pages so that only the ArtistScope browser can display them. Not only are those web pages secure in transit but they cannot be retrieved from cache, view source or by packet-sniffers when using SSL.

Version 2.0 the ArtistScope browser also displays normal (non-ASPS) pages delivered from any web site, thus securing all of the holes exposed by popular web browsers when displaying copy protected pages. Your site visitors can explore your web site just as with any other browser while maintaining that any privileges provided for copy/save/print can be controlled.

ArtistScope browser v normal browsers

The ArtistScope browser secures the following features that are exposed in normal web browsers:

  • view of page source - not possible with ArtistScope browser.
  • can be retrieved from browser cache - not possible with ArtistScope browser.
  • right-click menus for copy/save/print - not possible with ArtistScope browser.
  • drag-n-drop - not possible with ArtistScope browser.
  • disable JavaScript to evade detection - not possible with ArtistScope browser.
  • printing of page even by Ctrl-P- not possible when printing is disabled*.
  • save page - not possible when saving is disabled*.

* additional protection settings (see below) can be added for the ArtistScope web browser.

How to restrict page access to the ArtistScope browser only

In your CSI settings you can nominate which web browsers can access your protected pages. To require the ArtistScope browser only, simply set all other browsers to "false". However you cannot rely on that setting alone because most web browsers can use add-ons for user-agent spoofing. So if you can check server-variables using client side scripting like ASP, .Net or PHP, you can check for things that no other web browser can provide. For example:

HTTP_ARTISDRM gives the client machine ID for use in DRM control
HTTP_ARTISDATE gives the date on the client computer in YYYYMMDD
HTTP_ARTISWIDTH gives the user’s screen width in pixels
HTTP_ARTISHEIGHT gives the user’s screen height in pixels

For Classic ASP you can use: <%= Request.ServerVariables("HTTP_ARTISDATE") %>
For PHP you can use: <?php $_SERVER['HTTP_ARTISDATE'] ?>

These details are unique to the ArtistScope browser and they can be used to verify a user’s identity by comparing to other record, server time, etc. If they do not exist then you will know that the visitor is trying to spoof browser type and redirect where necessary.

Additional features provided by the ArtistScope web browser

The following meta-tags can be used that are only recognized by the ArtistScope web browser. If they are found then these settings will be observed, otherwise the option will be ignored.

<meta name="artis-allowprint" value="false" /> disable printing
<meta name="artis-allowsave" value="false" /> disable save as
<meta name="artis-width" value="800" /> set browser window width in pixels
<meta name="artis-height" value="600" /> set browser window height in pixels
<meta name="artis-kioskmode" value="true" /> open fullscreen (without toolbar)

Note: any settings applied to the new window govern all windows.

How to require that the ArtistScope web browser is used

In the csi.js file that governs all sorts of settings for protection level and which browsers can access your protected pages, you can nominate that only the ArtistScope browser be used. Other browsers can be redirected to instructions for using and installing the ArtistScope browser.

However there are many add-ons available today that enable browser spoofing and "popular" browsers (the ones desperate to be popular) will advertise and support such add-ons, so extra care is recommended when detecting browser type. Browser spoofing sends a false user-agent string with page requests so you need to do more than just read and check that user-agent string. Also, JavaScript is not ideal where security is paramount and such detection should be managed by server-side scripting such as PHP or ASP.

The ArtistScope browser passes information that other browsers are in capable of sending such as the server variables listed above for DRM, date, width and height. If either of those variables are empty then you will know that it is not an ArtistScope browser.

Also note that in our latest scripts we always refer to artisreader/2 as it is the version 2 browser that can access normal pages (not from an ASPS server) like the ones that you will be using CopySafe Web on.

Launching the ArtistScope browser from within other web browsers

While viewing web pages in a normal web browser it is possible to launch the ArtistScope browser and continue exploring that site using the ArtistScope browser. The ASPS Launch Button can be added to any web page and the code to use is available as a JavaScript button for gerneric use and also as add-ons for popular CMS like Drupal, Joomla, Moodle and WordPress.

However not all browsers support the add-ons and some recent browser versions have stopped supporting proper plugins. For example IE11+ no longer supports ActiveX in their browser and Chrome version 42+ dropped support for NPAPI plugins instead supporting PPAPI plugins which are useless for system interaction. In such cases the visitor will need to manually launch the ArtistScope browser to explore your protected pages.

Copyright © 1998-2017 ArtistScope. All Rights Reserved.