Reputation: 2716
How can I prevent other sites from linking to my javascript files?
I have some jquery plugins hosted on my server, but I'd like it to be available only to my visitors.. I'm paranoid other websites might just link to my js files and steal my bandwidth. How would you solve this problem?
Upvotes: 7
Views: 1619
Answers (4)
Reputation: 94429
You can use your .htaccess file to restrict the domain.
Upvotes: 10
Reputation: 6822
Cretae a .htaccess in the root of you site folder (for apache or IIS with ISAPI_Rewrite)
Replace mysite.com with your domain remebering that all . have to be backslashed in the RewriteCond and replace with a page you want to send them to when there trying to steal your bandwidth
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?mysite\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\. (js|json)$ http://mysite.com/theif.txt
and add theif.txt to your site with the code below (any site trying to steal your code will send all there users to http://www.yourhtmlsource.com/sitemanagement/bandwidththeft.html lol
top.location = "http://www.yourhtmlsource.com/sitemanagement/bandwidththeft.html";
They will soon unlink your script from there page
Upvotes: 4
Reputation:
You may be able to prevent them using your javascript files directly, but there is no guaranteed way to prevent them from copying your files and use them manually, i can already see few answers you may want to try this:
use your javascript files by a php file:
header("content-type: text/javascript"); if(isset($_GET["name"]) && strpos("yourdomain.com", $_SERVER['HTTP_REFERER'])) echo(file_get_contents("hidden_path_to_js/".$_GET["js_name"]."js")); else die("access denied");
In above sample you going to check if refer address is your website or not, so for using your js file
<script src="get_js_file.php?js_name=jquery"></script>
Upvotes: 3
Reputation: 4293
you could always run the javascript through a PHP file using .htaccess to route all requests to it. If the user-agent is different from your website, then it can send a 403, otherwise it could use a file_get_contents to return the file.
hope that helps
useful htaccess template: CheckSpelling on Options -Indexes Options +FollowSymlinks
DirectoryIndex index.php
RewriteEngine on
RewriteBase /js/
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.+)$ /js/index.php?p=$1 [L]
Upvotes: 1
Related Questions
- Block access to JavaScript file
- How can I block direct access to my JavaScript files?
- Block js file access from webpage source
- How to block free web hosting sites from forcefully injecting JavaScript in php files, like cookies
- Prevent Unauthorized access to JavaScript files
- How to only allow calls to PHP scripts from files on my server?
- PHP: How to prevent direct access to JavaScript files?
- How to prevent javascript linking
- How I forbid people to put my links (images, .css files and .js files) into their websites?
- Php file outputting javascript for include as a JS file - need to restrict so its not opened in a browser window