如何从你的ASP.NET站点prevent图片盗链？ [英] How to prevent image hotlink from your ASP.NET site?

问题描述

什么是prevent人盗链从我的托管ASP.NET网站图片的最佳/最简单的方法是什么？我不需要prevent所有图像/盗链资源，我只是想prevent盗链到特定的图像/资源在网站上。仅供参考。它hostesd在GoDaddy.com所以IIS的技巧可能不会工作。

What is the best/simplest way to prevent people hotlinking to images from my hosted ASP.NET website? I don't need to prevent all images/resources from hotlinking, I just want to prevent hotlinking to specific images/resources on a site. FYI. It's hostesd on GoDaddy.com so IIS tricks probably wont work.

推荐答案

通过一个ASPX页面流的图像是一个很好的解决方案。虽然推荐人可以被黑客攻破。

Streaming the images through an ASPX page is a good solution. Though Referrer could be hacked.

你可以做的是使用一个独特的盐（关键字），并产生针对MD5（SHA-1或SHA-2）如果你真的关心安全性。运行当前时代的时间，以及对这个问题，以及，这​​使到期的影像。存储这个键code中的cookie。每当图像担任你基本上通过查询字符串传递此。验证发生在ASPX上的另一端。你甚至可以重新生成一个新的关键code使用要么是HTT prequestModule或在Global.asax页面的每个请求之间。

What you could do is use a unique salt (keyword) and generate against MD5 (SHA-1 or SHA-2) if you are really concerned with security. Run the current epoch time as well against this as well, this puts an expiry on images as well. Store this "keycode" in the cookies. Whenever images are served you basically pass this via the querystring. The validation happens on the ASPX on the other end. You could even regenerate a new "keycode" between each request using either an HTTPRequestModule or the Global.asax page.

有将开销，但它会prevent任何盗链。

There will be overhead, but it will prevent anyone from hotlinking.

这篇关于如何从你的ASP.NET站点prevent图片盗链？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！