[osflash] SWF protection techniques
Bob Ippolito
bob at redivi.com
Fri Feb 10 16:58:04 EST 2006
On Feb 10, 2006, at 12:35 PM, Stefan Richter wrote:
> Is this code meant to protect from leeching? If so then that's not
> working:
> http://www.flashcomguru.com/swf_leech.htm
> Runs quite well and it's not even using my own bandwidth (I'll
> remove it
> shortly, don't worry).
>
> Good topic though: has anyone found a reliable, crossbrowser way to
> stop swf
> leeching reliably? I know of mod_rewrite but that's Apache only, any
> Windows/IIS implementations don't appear to work cross browser.
> I'd like to see a reliable way to read the HTML container's
> address, check
> if it's allowed and act upon it. Something that can be added to a
> swf to
> 'bind' the it to a certain domain even when it's leeched like the
> game above
> would be nice.
>
> Ok, don’t trust the client and all that but for my needs it would
> actually
> suffice. Ideas?
You can't put this kind of protection in the client anyway because
the SWF has no reliable way to know what the URL of the HTML page
it's housed in is. It's a server-side issue and you have to assume
that the web browsers do Referrer correctly (which is a reasonable
assumption).
Do you currently have a leeching problem? Does it really matter? If
the SWF itself is branded, they might be doing free advertising for
you...
-bob
More information about the osflash
mailing list