I've been looking around to see if there exists a good way to prevent viewers from using their right click options to download images that I upload to my website.
I know that people can look at the image url in the page source, and was wondering if you suggest a way to prevent them being taken, by disabling the save image option.
This is an unsolvable problem.
As long as you actually want people to see the images, you cannot prevent them from saving them via a number of methods (e.g. screenshots). All measures you might think of will just annoy your users, without actually preventing them from doing what they want anyway. Also consider that the people watching those images will have some interest in them (otherwise they would not watch them in the first place), so there we already have a motive for them to keep a copy.
The only way to reliably prevent people from saving the images is to never let them copy them onto their computers in the first place (and remember: showing something on another computer always entails making a copy).
One solution could be to invite people into a place where they can view the image on a screen which you control, and not let them take any pictures. Think of modern cinemas where security people with night sights watch the spectators and pull out those who might have been handling any camera like device.
If you want to make it even more difficult, do not use an IMG tag. Instead, define the image using CSS with the property 'background-image'. To make it even more tricky, define that property at runtime using JavaScript that was placed on the page using base64 encoding.
You can try this...
onload=function(){
document.oncontextmenu=function(){return false;}
}
This will disallow the operation of the context (right mouse button click) menu...
If a user knows what they're doing they can get around this, though.
I suggest not doing this. It's annoying and you're not actually protecting yourself.
If you must, jQuery makes it pretty easy to disable the right click menu:
$(document).ready(function(){
$('img').bind("contextmenu",function(){
return false;
});
});
Just make your images so ugly no one would want to take them.
Seriously, what are you worried about?
If you use the Microsoft Ajax Seadragon Deep Zoom viewer for you images then you can present your images as lots of overlapping tiles - a real pain to stick back together, difficulty depends on images size, but for hi-resolution images it makes 'printscreen' the only option for those wanting to steal stuff.
Incidentally the contextmenu thing works on divs better than images (things bubble) and you don't have to offend people by doing no click on the whole document.
To do it by class, e.g. with Prototype:
$$('.your-image-container-class').each(function(s) {s.oncontextmenu=function(){return false;}});
Related
okay so i have basic skills in html, css, javascript.
im still in the learning phases but just need a little help on where to go in regards to creating a web app.
i can figure out all the code, so thats fine, i just need some pointers as to what to use where.
So basically ill have a webpage with a few simple buttons, when clicked they'll send a message to the server and the server will hold a count for each button clicked using a php script.
1) - would it be best to hold that information in a JSON file?
then from there, there'll be another webpage which will have div tags stretching 100% across the page, with an element inside it which will move across the page according to the count held on the server.
2) - what should i use to animate it moving?. would i use javascript? or css3 or something?
the front end will need to continuously update on the count held by the server.
3) - would AJAX methods be best using javascript?
any advice would be great thanks.
And one last thing.
With Javascript animating, if i wanted to animate a div moving horizontal, is the best way to do it by animating the margin size? or am i stuck in the dark days..
1: i would store it in a database, if you store it in a file make sure that you are handling writes in a safe way(multiple writes to the same file)
2:you could use javascript to animate the css properties of a html element(preferable the width)
3: Ajax would work but then you need to continuously poll the server for changes alternativly use longpoling http://en.wikipedia.org/wiki/Push_technology#Long_polling
an alternative if you only support modern browsers and your hosting company allows it is to use websockets
If you're trying to save information server side (which you seem to be), I would recommend using a database (such as MySQL).
If your animation is dependent on the value from the server, I would use javascript to animate it. Note that you will have to poll the server in order to actually get this information (lets say, every second). When you get the information, simply update the div you want to animate with the new information. I don't quite understand what you want your display to look like, so I can't really give you anything more specific here.
Yes. I would recommend using jQuery to handle your AJAX calls as it makes it much easier and deals with cross-browser weird-ities.
To your update:
One option could definately be to adjust the (left) margin size, but you could also use the relative position. It will basically push the element however many pixels in whatever position from where it would typically be displayed. So if your box is by default right along the left border, you could relatively position it 100px to the right. You can read more about position here.
What ways do you use to protect copy righted images in your website?
Really the only way to protect images is to put huge watermarks on them, or only show them smaller than their original size. This is assuming you're displaying art or something else of that nature. All the tricks of disabling right click or using a css background or making a script output the image data only slow people down. If you can see something, you can save it. All it takes is a screenshot.
Not sure you can whilst people have the ability to hit "alt-print screen". You can prevent right clicking so they can't directly download the image and you can protect your folders so that you can't directly navigate to the image but that's about it really.
alt-print screen is your biggest permanent problem.
Put them behind a protected area and only give access to people you trust. If it's of the public portion on the site, you can't protect them. You can just inform people that the images are copyrighted, but the users can grab them at will.
i don't know any method that you works 100% however,
don't upload high quality images,it means that people can get but hesitate to use your images by trying these circumvented methods:
no right-click script
Shrink wrapping letting the thief download something other than original one.
Watermarking
Using Flash makes harder to get it
I'm going to be going to be meeting with a number of programmers and custom software companies to get bids on creating a website for a company that I'm involved with. My question is this: What should I prepare for the programmers so that they can give me an accurate bid, timetable, etc. for the development of the website? I have a clear picture of how I would like the site to work and the features that I would like to have included.
I'd suggest using something like balsamiq to put some simple sketches together as suggested elsewhere.
Quite often the act of putting your requirements down on paper in a way that represents the actual site will flush out all manner of issues you hadn't considered before, and will give you a much clearer understanding of what you're after.
Also consider the sources of the data you're displaying. From a functional spec aspect, simply saying something like 'show this figure here' is easy. From a programming point of view, coming up with the figure in the first place is often the hard bit.
The best you can do is to put the end-user's hat on and describe what you'd like the system to look like / work.
Imagine all pages and create a new frame for each one. Make as many annotations as you can so all bidders know exactly what you are expecting.
I'd also add at the end if it's likely the site's requirements to change during development, so everybody's warned in advance.
Details Details Details.
You might think you have a clear picture, you don't. You need to write every single step down no matter how trivial. You will see there are things you haven't thought of.
Try to write down as much information as you can think of. Go through all the scenarios a user would when using your site. Use steps such as
1) User clicks on Buy Button
2) Screen shows up with 4 items, Link to details, price, quantity and a 32x32 thumbnail.
2a) If User clicks on thumbnail full resolution image i s displayed
etc etc.
Don't try to gloss over the "simple" stuff and you will get the most accurate bid possible!
Basically draw out what you want (ie textboxes, drop down lists, controls, etc) in very simple manner. Then add little numbers around each area that has some functionality. In the margins or on another sheet, describe each point you numbered on the controls with simple instructions on how that functionality should work.
Think of it as a skeleton to describe the application you want.
Not a complete list, but here a couple of thoughts:
Do not forget the back button.
Back button behaviour is an issue on every site I've ever worked on. Specify exactly what you want to happen on every page if the user gets to that page by hitting the back button. Often it's easy, but sometimes it is not at all trivial.
Security:
Do people need to log on, how, how do you create accounts, reset passwords etc. What pages need you to be logged on, what happens if you hit those pages without being logged on.
You could read Joel Spolsky's Painless Functional Specifications for ideas, but I've just tried to summarise what that means for web software too.
I usually do this in 3 stages:
a list of contents, under the headings they'll appear on the site. Get this firmly agreed by all parties before doing any wireframes;
a greyscale functional wireframe in plain HTML/CSS, using examples of real-world content and dummy static pages for dymanic content, with everything where it should be. This is the first thing programmers want to see;
a purely visual graphic mockup of each type of page - this is the next thing programmers like to see, as in 'show me how you want it to look and I'll make it happen'.
See here: http://code.google.com/p/ie7-js/
Does anyone have any experience or remarks about this javascript? Is it worth including? Do you recommend it?
I know many people, myself included that are using various IE hacks to get transparent PNG support. THis looks like a little bit more help, and as long as it works, and the size is fairly small, I wouldn't see much against using it.
I've used it before, and my results are mixed. Those scripts cause IE to churn for a bit on page load. Basically, you have to think of it as iterating through Elements and stylesheet rules to apply "fixes" for areas that are deficient in that particular rendering engine. In some cases, depending on how complicated your markup or stylesheets are, that can take a bit of time and you will see the browser hang.
That said, if you can trade off that performance cost, you will save development time as you'll spend less time hacking around IE6 quirks; IE7/IE8 will provide enough missing functionality that you can avoid certain edge cases, can develop using standards better (min-width/min-height, multiple className selectors, etc.), and certain rendering issues will disappear.
However, if you just need 24-bit transparent PNG support, use a tool built for that. Including IE7/IE8.js for PNG support alone is like pounding in a nail with a tank. Use DD_belatedPNG for that.
It works, but its worth keeping in mind that ie7.js and ie8.js do much more than provide transparent PNG support. Even with the transparent PNG support, its worth keeping in mind that transparent background images cannot be tiled (repeated) using background-repeat or positioned using background-position. This hinders any ability to use CSS rollovers using background-position. I've only used it on one site I've done, and now that I'm updating the site I can't remove the ie8.js because if I do the entire website breaks layout in IE. I don't believe I'll be using it in the future, and instead rely on simple CSS hacks or simply allow my sites to "degrade gracefully" in IE6.
I know that there are some tools for fixing the transparent PNG problem which are more flexible than this. For instance, the jQuery plugin ifixpng2 will support background position, which ie7-js doesn't do.
As long as you are aware of exactly what it fixes, I would say go for it. I'm not sure about this lib exactly, but some libs get very expensive if you have a large DOM, as they tend to hook in HTC file base behaviors on EVERY DOM Element. This causes the dreaded "Loading x of y" status bar message to flash constantly on the initial load, and any newly generated DOM content.
well its beautiful and works grate way u can use cs3 features like li:hover. we did lost of project last time using ie8.js and it works great way.
What are some effective strategies for preventing the use of my proprietary images?
I'm talking about saving them, direct linking to them etc...
Presently I have a watermark on the image, but I'd rather not.
.NET platform preferred, but if there's a strategy that's on another platform that integrates with my existing application that'd be a bonus.
It's not possible to make it "impossible" to download. When a user visits your site you're sending them the pictures. The user will have a copy of that image in the browsers cache and he'd be able to access it even after he leaves the site ( depending on the browser, of course ). Your only real option is to watermark them :O
You could embed each image inside of a flash application, then the browser wouldn't know how to 'save' the image and wouldn't store the raw jpg in the cache folder either. They could still just press the print screen key to get a copy of the image, but it would probably be enough to stop most visitors.
Response.WriteBinary(), embedded flash, JavaScript hacks, hidden divs.
Over the years I have seen and tried every possible way to secure an image and I have come to one conclusion: If it can be seen online; it can be taken, my friend.
So, what you really should consider what the final goal of this action would really be. Prevent piracy? If a gross and oversized watermark is not your style, you can always embed hidden data (Apress had an article that looked promising on digital steganography) in images to identify them as your own later. You might only offer reduced or lower quality images.
Flickr takes the approach of placing a transparent gif layer on top of the image so if you are not logged in and right click you get their ever awesome spaceball.gif. But nothing can prevent a screenshot other than, well, just not offering the picture.
If the music industry could get you to listen to all of your music without copying or owning files they would. If television could broadcast and be certain nobody could store a copy of the cast, they probably would as well. It's the unfortunate part of sharing media with the public. The really good question here is how you can protect your material WITHOUT getting in the way of respectable users from consuming your images. Put on too much protection and nobody will go to your site/use your software (Personally if you try to disable my mouse I'll go from good user to bad nearly instantly).
using JavaScript to override the click event is the most common I have seen...
see: http://pubs.logicalexpressions.com/pub0009/LPMArticle.asp?ID=41
I figure I might as well put in my two cents.
None of the above methods will work with perhaps the exception of a watermark.
Wherever I go, I can hit print screen on my computer and paste into a graphics editor, and with a little cropping, I have your image.
The only way to overcome the watermark issue would be to use photoshop tools to remove the watermark. At this point, i think most people would just give up and pay you for your content or at a minimum go rip off somebody else.
Short answer: you can't. Whatever you display to a user is going to be available to them. You can watermark it, blur it, or offer a low-res version of it, but the bottom line is that whatever images are displayed in the user's browser are going to be available to them in some way.
It's just not possible. There is always the PrintScreen button.
Whatever is displayed, can be captured.
I would watermark them, and reduce the resolution, of the actual files, instead of doing it through an application on the user's end.
unfortunately you can always screen grab the browser and crop the image out, not perfect but it circumvents almost every solution posted here :(
Another approach I've seen that's still entirely vulnerable to screen grabs but does make right-click and cache searching sufficiently annoying is to break the image up into many little images and display them on your page tiled together to appear as though they were a single image. But as everyone has said, if they can see it, they can grab it.
Realistically you can't, unless you don't want them to see it in the first place. You could use some javascript to catch the right mouse button click, but that's really about it.
Another thought, you could possibly embed it in flash, but again, they could just take a screenshot.
Sorry. That's impossible. All you can do is make it inconvenient a la flickr.
It's just not possible. There is always the PrintScreen button.
I remember testing ImageFreeze years ago. It used a Java applet to fetch and display images. The image data and connection was encrypted and the unencrypted image wasn't stored in a temp folder or even in Java's cache.
Also, the applet constantly cleared the windows clipbrd so Print Screen didn't work.
It worked pretty good, but it had some faults.
Besides requiring Java, the JS that embedded the applet (and maybe the applet itself) was setup to not load properly in any browser that didn't give access to the windows clipbrd. This meant that it only worked in IE and only on windows.
Also, the interval the applet used to clear the clipbrd could be beaten with a really fast Print Screen and ctrl+v into Gimp. Printing the screen in other ways would work too.
Finally, Jad could decompile the applet and all/most of its files. So, if you really wanted the pics, you could poke around in the source to figure out how they did it.
In short, you can go out of your way to stop a lot of people, but usability goes down the drain and there will always be a way to get the image if the visitor can see it.
Anything you send to the client is, like, on the client. Not much you can do about it besides making somewhere between "sorta hard" and "quite hard" to save the image.
I must say in the begining that it is almost impossible to stop the
images or text being copied, but making it difficult will prevent most
of the users to steal content.. In this article I will give a easier
but effective way of protecting images with html/css. We will take a
very simple way for this… Firstly in a div we will place the image
with a given height and width. (Say 200 X 200)
Now we can place another transparent image with same height and
width and give it a margine of -200. So that it will overlap the
actual image. And when the user will try to copy this, they will end
up with the transparent gif only…
<div style=”float: left;”>
<img src=”your-image.jpg” style=”width: 200px;height: 200px;”/>
<img src=”the-dummy-image.png” style=”border: 0px solid #000; width: 200px; height: 250px; margin-left: -200px; ” />
</div>