如何防止在像 Tomcat 这样的独立 Java web 应用程序服务器上进行热链接?
最佳答案
使用 Tuckey 的 URLRewriteFilter(其他人已经间接提及)。来自documentation :
<rule>
<name>Blocked Inline-Images</name>
<note>
Assume we have under http://www.quux-corp.de/~quux/ some pages with inlined GIF graphics. These graphics are
nice, so others directly incorporate them via hyperlinks to their pages. We don't like this practice because
it adds useless traffic to our server.
While we cannot 100% protect the images from inclusion, we can at least restrict the cases where the browser
sends a HTTP Referer header.
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://www.quux-corp.de/~quux/.*$ [NC]
RewriteRule .*\.gif$ - [F]
</note>
<condition name="referer" operator="notequal">^$</condition>
<condition name="referer" operator="notequal">^http://www.quux-corp.de/~quux/.*$</condition>
<from>.*\.gif$</from>
<set type="status">403</set>
<to>null</to>
</rule>
<rule>
<name>Blocked Inline-Images example 2</name>
<note>
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !.*/foo-with-gif\.html$
RewriteRule ^inlined-in-foo\.gif$ - [F]
</note>
<condition name="referer" operator="notequal">^$</condition>
<condition name="referer" operator="notequal">.*/foo-with-gif\.html$</condition>
<from>^inlined-in-foo\.gif$</from>
<set type="status">403</set>
<to>null</to>
</rule>
关于java - 如何防止独立 Java webapp 服务器上的热链接?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/4051222/