Block image from be viewd/download in every browser

Question

I need to provide a texture URL that will be used in an online game (with a desktop software) and I need to prevent people to open the texture from their browsers and allow the texture to be opened only by that game.

The game is quite similar to Second Life, it uses part of the same engine.

I don't need an anti hacker method, just a way to prevent users that have the URL from open it in browsers.

I know someone that has done it but I don't know how, but I know is possible.

I think I need to check the HTTP header with .htaccess and filter somehow but I've not idea how.

How can I do?

Answer 1

Use a secret QUERY_STRING parameter while making an HTTP request from the desktop software. The htaccess can check this parameter name/value and grant access accordingly. If all your textures were present at /textures your htaccess would look like:

RewriteEngine on
RewriteBase /

RewriteCond %{REQUEST_URI} ^/textures [NC]
RewriteCond %{QUERY_STRING} !(^|&)password(=|&|$) [NC]
RewriteRule ^ - [F]

---

If the request URL is beyond your control, you need to look at things like IP Address (in case of a static IP), or software's User-Agent HTTP header that can be used to uniquely identify and grant access to it.

RewriteCond %{HTTP_USER_AGENT} !software_id [NC]

Here, software_id denotes some part of your software's User-Agent. For example, to grant access only to iPhones one would use !iphone [NC] above.