如何防止从我的网站下载图像和视频文件?

时间:2021-11-21 09:07:20

How to prevent downloading images and video files from my website? Is it possible? What would be the best way to do this?

如何防止从我的网站下载图像和视频文件?是可能的吗?最好的方法是什么?

23 个解决方案

#1


74  

No, it's not possible.

不,这是不可能的。

If you can see it, you can get it.

如果你能看到它,你就能得到它。

#2


15  

Don't post them to your site.

不要把它们贴在你的网站上。

Otherwise it is not possible.

否则这是不可能的。

#3


10  

Images must be downloaded in order to be viewed by the client. Videos are a similar case, in many scenarios. You can setup proxy scripts to serve the files out, but that doesn't really solve the issue of preventing the user from getting their own copy. For a more thorough discussion of this topic, see the question How can I prevent/make it hard to download my flash video?

图片必须下载才能被客户端看到。在很多情况下,视频都是类似的情况。您可以设置代理脚本以服务这些文件,但这并不能真正解决防止用户获得自己的副本的问题。要更深入地讨论这个话题,请参见如何防止/使我的flash视频难以下载的问题。

#4


7  

In short, no. If someone can view an image or video in their browser then they have, by definition, downloaded it. That's how the web works - it is client server based. Whatever you can view in your browser (client) has been transfered to your computer from the remote website (server).

简而言之,没有。如果有人可以在浏览器中查看图片或视频,那么根据定义,他们可以下载它。这就是web的工作方式——它是基于客户端服务器的。您可以在浏览器(客户端)中查看的内容已经从远程网站(服务器)转移到您的计算机。

#5


7  

I'd like to add a more philosophical comment. The whole intent of the internet, particularly the World Wide Web, is to share data. If you don't want people to download a picture/video/document, don't put it on the web. It's really that simple. Too many people think they can impose their own rules on an existing design. Those who want to post content on the web, and control its distribution, are looking to have their cake and eat it too.

我想补充一句更有哲理的评论。互联网,特别是万维网,的全部目的是共享数据。如果你不想让人们下载图片/视频/文档,不要把它放到网上。真的那么简单。太多的人认为他们可以把自己的规则强加于现有的设计上。那些想要在网上发布内容,并控制其发行的人,都希望得到他们的蛋糕,并把它吃掉。

#6


6  

In standard HTML, I don't know of anyway.

在标准HTML中,我也不知道。

You didn't really say, but I'm guessing you are having problems with people deep linking into your content. If that's the case, and you are open to server side code, I believe this might work:

你并没有说,但我猜你和那些深入链接你的内容的人有问题。如果是这种情况,并且您对服务器端代码是开放的,我相信这可能会奏效:

  1. Create a page that accepts a numeric id, maps it to a server file path, opens that file, writes the binary directly to the response stream.
  2. 创建一个接受数字id的页面,将其映射到服务器文件路径,打开该文件,将二进制文件直接写入响应流。
  3. On the page request, generate a bunch of random ids, and map them to the actual media urls, and store that mapping object server side somewhere (in session?) with a limited life.
  4. 在页面请求中,生成一堆随机id,并将它们映射到实际的媒体url,并将映射对象服务器端存储在某个地方(会话中?),使用时间有限。
  5. Render your pages with your media links pointing to the new media page with the appropriate id as a query string argument.
  6. 使用指向新媒体页面的媒体链接呈现页面,并使用适当的id作为查询字符串参数。
  7. Clear the mapping object and generate all new links on every postback.
  8. 清除映射对象并在每个回发上生成所有新的链接。

This :

这样的:

  1. won't stop people from downloading from within your page
  2. 不会阻止人们从你的页面内下载
  3. definitely isn't as lightweight as standard HTML
  4. 绝对没有标准HTML那么轻量级
  5. and has it's own set of issues.
  6. 也有自己的问题。

But it's a general outline of a workable process which might help you prevent users from deep linking.

但是它是一个可操作过程的概要,可以帮助您防止用户进行深度链接。

#7


5  

As many have said, you can't stop someone from downloading content. You just can't.

正如许多人所说,你不能阻止某人下载内容。你不能。

But you can make it harder.

但是你可以让它变得更困难。

You can overlay images with a transparent div, which will prevent people from right clicking on them (or, setting the background of a div to the image will have the same effect).

您可以使用透明的div来覆盖图像,这将防止人们右键单击它们(或者,将div的背景设置为图像将具有相同的效果)。

If you're worried about cross-linking (ie, other people linking to your images, you can check the HTTP referrer and redirect requests which come from a domain which isn't yours to "something else".

如果您担心交叉链接(例如,其他人链接到您的映像),您可以检查HTTP referrer并将来自非您的域的请求重定向到“其他”。

#8


3  

It also doesn't hurt to watermark your images with Photoshop or even in Lightroom 3 now. Make sure the watermark is clear and in a conspicuous place on your image. That way if it's downloaded, at least you get the advertising!

使用Photoshop或者甚至是lightroom3也不会对你的图像进行水印。确保你的图像上的水印清晰醒目。这样的话,如果它被下载了,至少你得到了广告!

#9


3  

As the browser needs to transfer the content to display it (text, images, videos), the data is already on the client's computer when the website is displayed. Yet, as the previous answers give little advice on how to make it harder for non-experienced used to grab the content, here are some directions:

由于浏览器需要传输内容来显示它(文本、图像、视频),所以显示网站时数据已经在客户端计算机上。然而,正如之前的答案所给出的建议一样,如何让没有经验的人更难获取内容,以下是一些建议:

  • General
    • Overlay the respecitve content with a transparent <DIV> or a transparent image (as described in some answers to this question)
    • 用透明的
      或透明的图像覆盖尊重的内容(如对这个问题的一些回答所述)
    • Open the website in a frameset, so saving may miss the frame content.
    • 在一个框架集中打开网站,所以保存可能会错过框架内容。
    • Open the website via window.open() to hide the menu bar.
    • 通过windows . Open()打开网站,隐藏菜单栏。
    • Disable right-clicks via JavaScript (not recommended due to all the side-effects on usability)
    • 通过JavaScript禁用右击(由于对可用性的所有副作用不推荐)
    • Load the page's HTML code from another file (which may check for a specific referer or which may be ROT13) via JavaScript, so it's harder to access the source code.
    • 从另一个文件(可以通过JavaScript检查特定的引用者或ROT13)加载页面的HTML代码,因此很难访问源代码。
    • Tell the browser that all content is display:none for the printer (something like @media print { body, div, p { display: none } })
    • 告诉浏览器,所有内容都显示为display:none for the printer(比如@media print {body, div, p {display:none})
    • Use JavaScript to hide the content before a client makes a screenshot (see Stop User from using “Print Scrn”)
    • 使用JavaScript在客户端进行屏幕截图之前隐藏内容(请参见停止用户使用“Print Scrn”)
    • Try to disable or overwrite the clipboard (see this post)
    • 尝试禁用或覆盖剪贴板(请参阅本文)
  • 一般用一个透明的
    或一个透明的图像(正如在回答这个问题时所描述的)在一个框架集中打开网站,因此保存可能会丢失框架内容。通过windows . Open()打开网站,隐藏菜单栏。通过JavaScript禁用右击(由于可用性的所有副作用不建议这样做),从另一个文件(它可以通过JavaScript检查特定的引用者或ROT13)加载页面的HTML代码,因此很难访问源代码。告诉浏览器,所有内容显示:所有的打印机(类似@media打印{身体,div,p {显示:没有} })使用JavaScript来隐藏内容之前,客户端使截图(见阻止用户使用“打印Scrn”)试图禁用或覆盖剪贴板(见本文)
  • Images
    • Do not use the <img> tag for images but set the image as background for a <DIV>
    • 不要对图像使用如何防止从我的网站下载图像和视频文件?标记,而是将图像设置为
      的背景
    • Wrap images into SVGs or Flash movies to make them very hard to access in a usable format.
    • 将图像打包到SVGs或Flash影片中,使它们很难以一种可用的格式访问。
    • Disable caching for images (via <meta> tag or by setting the appropriate header on server delivery), so they are not stored in the browser cache (immeaditely accessible on the client's computer).
    • 禁用图像缓存(通过 标记或在服务器交付时设置适当的头),这样它们就不会存储在浏览器缓存中(在客户端计算机上immeaditaccess)。
    • Cut an image into parts, so it takes some extra work to reconstruct the whole image
    • 把一个图像分割成几个部分,这样就需要做一些额外的工作来重建整个图像
    • Add onmousedown events to images, e.g., display a copyright alert.
    • 向图像添加onmousedown事件,例如,显示版权警报。
    • Deliver the image via server script (e.g., PHP) and check the referer.
    • 通过服务器脚本(例如PHP)交付图像并检查引用者。
  • 图像不使用如何防止从我的网站下载图像和视频文件?标签进行图像处理,而是将图像设置为
    将图像打包成SVGs或Flash影片的背景,使它们很难以一种可用的格式访问。禁用图像缓存(通过 标记或在服务器交付时设置适当的头),这样它们就不会存储在浏览器缓存中(在客户端计算机上immeaditaccess)。将一个图像分割成几个部分,这样就需要做一些额外的工作来重建整个图像,比如向图像添加onmousedown事件,例如显示版权警报。通过服务器脚本(例如PHP)交付图像并检查引用者。
  • Videos
    • Stream videos to prevent simple downloading via URL.
    • 流视频,以防止简单下载通过URL。
    • Wrap videos into a Flash movie.
    • 将视频打包成Flash影片。
    • Use some nasty format that supports DRM.
    • 使用一些讨厌的支持DRM的格式。
  • 视频流视频,以防止简单的下载通过URL。将视频打包成Flash影片。使用一些讨厌的支持DRM的格式。
  • Texts
    • Make text unselectable (see How to make HTML Text unselectable)
    • 使文本不可选(参见如何使HTML文本不可选)
    • Additionally to overlaying, wrap the text into JavaScript (e.g., after ROT13 or loaded dynamically from a second file), so the text is not directly available in the source code.
    • 此外,还可以将文本封装到JavaScript中(例如,在ROT13之后或从第二个文件中动态加载),这样在源代码中就不能直接使用文本了。
    • Convert texts to images (this may decrease display quality), SVGs or Flash
    • 将文本转换为图像(这可能会降低显示质量)、SVGs或Flash
  • 文本使文本不可选(参见如何使HTML文本不可选)。此外,还可以将文本打包到JavaScript中(例如,ROT13之后或从第二个文件中动态加载),因此文本在源代码中不能直接使用。将文本转换为图像(这可能会降低显示质量)、SVGs或Flash

Again, I repeat that none of this will stop an experienced user from grabbing the content (e.g. by making a screenshop and - optionally - run OCR on it). Sometimes it's as easy as using the browser's developer tools or using the website without JavaScript. Yet, it will give inexperiences users a hard time, so they may look fom something easier to grab.

再次重申,所有这些都不能阻止一个有经验的用户抓取内容(例如,制作一个屏幕商店,并可选地在其上运行OCR)。有时候,它就像使用浏览器的开发工具或者使用没有JavaScript的网站一样简单。然而,这将给缺乏经验的用户带来困难,因此他们可能看起来更容易获取。

Also keep in mind that the above techniques will affect search engines when reading the page's content (if you're interested in blocking them, start with a robots.txt).

还要记住,在阅读页面内容时,上述技术将影响搜索引擎(如果您有兴趣屏蔽它们,请从robots.txt开始)。

Thank you for any other ideas to complement the above list!

谢谢您的其他想法,以补充以上的清单!

#10


3  

If you are using PHP, the best way is to control it the .htaccess, you need to put your files, images and videos under consideration in a separate folder/directory, and create a new .htaccess file in this directory with the below:

如果您正在使用PHP,最好的方法是控制.htaccess,您需要将正在考虑的文件、图像和视频放在一个单独的文件夹/目录中,并在这个目录中创建一个新的.htaccess文件,如下所示:

RewriteEngine On
RewriteCond %{REQUEST_URI} \.(mp4|mp3|avi)$ [NC]
RewriteCond %{HTTP_REFERER} !^http://sample.com/.*$ [NC]
RewriteRule ^.* - [F,L]

The first line %{REQUEST_URI} will prevent getting the file through the web browser, or through curl. The second line %{HTTP_REFERER} will prevent accessing the imahe/video using HTML tags <img> or <video> from any website except the exception ! you provide instead of http://sample.com/ which usually should be your website itself.

第一行%{REQUEST_URI}将防止通过web浏览器或curl获取文件。第二行%{HTTP_REFERER}将阻止使用HTML标记访问imahe/视频如何防止从我的网站下载图像和视频文件?或 <视频> ,除了例外!你提供的不是http://sample.com/,通常应该是你的网站本身。

You can also have a look at my question and the accepted answer here for more tricks in the browser side.

您还可以查看我的问题和在浏览器方面的更多技巧的公认答案。

#11


2  

you can reduce the possibility but not eliminate it...

你可以减少这种可能性,但不能消除它。

#12


2  

This is how I do it in case anyone in the future is wondering.

我就是这样做的,以防将来有人想知道。

I put this in the .htaccess file on the root server:

我把它放在根服务器的.htaccess文件中:

RewriteEngine on 
RewriteCond %{HTTP_REFERER} !^http://(www\.)?domain.com/ [NC] 
RewriteCond %{HTTP_REFERER} !^http://(www\.)?domain.com.*$ [NC]
RewriteRule \.(mp4|avi)$ - [F]

This stops them from say going to domain.com/videos/myVid.mp4 and then saving it from there.

这阻止了他们进入domain.com/videos/myvi .mp4,然后从那里保存。

#13


1  

No it's not. You may block right-clicks and simillar stuff but if someone wants to download it, he will do so, trust me ;)

不,它不是。你可能会屏蔽右击和simillar之类的东西,但如果有人想下载,他会这么做的,相信我;

#14


1  

As soon as they view your page that includes the picture or video, the item is downloaded into the temporary folder of their browser. So if you don't want it downloaded, don't post it.

只要他们看到包含图片或视频的页面,这个项目就会被下载到他们浏览器的临时文件夹中。所以如果你不想下载,就不要发布。

#15


1  

You can mark folders or files so that they don't have read access (any of the main web servers support this). This allows you to store them on the server without any level of access to the outside world. You may want to do this if you have a service that generates images for someone else to download later, or if you use your web account for FTP access, but don't want anyone to view the files. (i.e. upload a .bak file to the server for someone else to FTP down again).

您可以标记文件夹或文件,使它们没有读访问权限(任何主要web服务器都支持这一点)。这允许您将它们存储在服务器上,而无需任何级别的访问外部世界。如果您有一个服务生成图片供其他人下载,或者您使用您的web帐户进行FTP访问,但是不希望任何人查看这些文件,您可能希望这样做。(也就是说,把一个.bak文件上传到服务器上,让其他人再用FTP上传)。

However, as others have said, getting into copyright areas where people can view the image or video but not save them locally is not fully possibly, although there are tools to discourage illegal usage.

然而,正如其他人所说,进入人们可以看到图片或视频但不能在本地保存的版权区域并不完全可能,尽管有一些工具可以阻止非法使用。

#16


1  

Put your image or video in flash format. Works great.

将你的图像或视频以flash格式显示。伟大的工作。

#17


1  

This is an old post, but for video you might want to consider using MPEG-DASH to obfuscate your files. Plus, it will provide a better streaming experience for your users without the need for a separate streaming server. More info in this post: How to disable video/audio downloading in web pages?

这是一个旧的帖子,但是对于视频,您可能需要考虑使用MPEG-DASH来混淆您的文件。此外,它将为您的用户提供更好的流媒体体验,而不需要单独的流媒体服务器。更多信息在这篇文章:如何禁用视频/音频下载网页?

#18


0  

Granted that any image the user can see will be able to be saved on the computer and there is nothing you can do about it. Now if you want to block access to other images that the user is not supposed to see, I am actually doing it that way:

假定用户看到的任何图像都可以保存在计算机上,对此您无能为力。如果你想阻止用户访问其他用户不应该看到的图片,我实际上是这么做的:

  • Every link is to the "src" in your image tag is in fact a request send to a controller on the server,
  • 每个链接到图像标签中的“src”实际上是发送给服务器上控制器的请求,
  • the server checks the access rights of that specific user, and returns the image if the user is supposed to have access to it,
  • 服务器检查特定用户的访问权限,如果用户有访问权限,服务器返回图像,
  • all images are stored in a directory that is not directly accessible from the browser.
  • 所有图像都存储在一个不能从浏览器直接访问的目录中。

Benefit:

好处:

  • The user will not have access to anything that you don't intent him/her to have access to
  • 用户将无法访问任何您不希望他/她访问的内容

Drawback:

缺点:

  • Those requests are slow.. especially is there are lots of images on the same page. I haven't found a good way to accelerate that in fact..
  • 这些请求慢. .尤其是在同一页上有很多图片。事实上,我还没有找到加速的好办法。

#19


0  

You can set the image to be background image and have a transparent foreground image.

您可以将图像设置为背景图像,并拥有一个透明的前景图像。

#20


0  

You can't stop image/video theft but you can make harder for normal users but you can't make it harder for the programmers like us (I mean thieves that know little web programming).

你无法阻止图像/视频被盗,但你可以让普通用户更难,但你不能让我们这样的程序员更难(我指的是不懂web编程的小偷)。

There are some tricks you can try:

你可以尝试一些技巧:

1.) Using flash as YouTube and many others sites like http://www.funnenjoy.com does.

1)。像YouTube和http://www.漏斗网这样的网站一样使用flash。

2.) Div overlaping or background pic setting (but users with little sense can easily save all resources by opening inspect element or other developer option).

2)。Div覆盖或背景图片设置(但是没有什么意义的用户可以通过打开inspect元素或其他开发人员选项轻松地保存所有资源)。

3.) You can disable right click and specific keys like CTRL + S and others possibles with JavaScript but main drawback is that if user disable JavaScript our all tricks fail down.

3)。您可以禁用右键和特定的键,如CTRL + S和其他可能的JavaScript,但主要缺点是如果用户禁用JavaScript,我们的所有技巧将失败。

4.) Save image in none online directories (if you have full access to web server) and read that files with server side languages like PHP every time when image / video is required and change image id time to time or create script that can automatically change ID after every access.

4)。将图像保存在none在线目录中(如果您可以完全访问web服务器),并在每次需要图像/视频时使用PHP等服务器端语言读取文件,并将图像id时间更改为time,或者创建脚本,在每次访问后自动更改id。

5.) Use .htaccess in apache to prevent linking of your images by others sites. you can use this site to automatically generate .htacess http://www.htaccesstools.com/hotlink-protection/

5)。在apache中使用.htaccess防止其他站点链接您的映像。您可以使用此站点自动生成.htacess http://www.htaccesstools.com/hotlink-protection/

#21


0  

Insert a transparent gif 1px x 1px just inside the <body> tag:

在标签内插入透明的gif 1px x 1px:

<body><img src="route-to-images/blim.gif" class="blimover">

Then style it with this:

然后这样设计:

.blimover {
  width: 100% !important;
  height: 100% !important;
  z-index: 1000 !important;
  position: absolute !important;
  top: 0 !important;
  left: 0 !important;
}

This will remove any click functionality from a page, but it sure stops people stealing any content!

这将从页面上删除任何点击功能,但它确实阻止人们窃取任何内容!

You can apply the same to a <div>, <section>, <article> etc, just name accordingly and prevent your copy and/or images being ripped.

您可以对

等应用相同的名称,并防止您的拷贝和/或图像被撕裂。

Nothing stops a screengrab though ... ...

但是没有什么能阻止屏幕抓取……

#22


0  

If you want only authorised users to get the content, both the client and the server need to use encryption.

如果只希望授权用户获取内容,客户端和服务器都需要使用加密。

For video and audio, a good solution is Azure Media Services, which has content protection and encryption. You embed the Azure media player in your browser and it streams the video from Azure.

对于视频和音频,一个好的解决方案是Azure媒体服务,它有内容保护和加密。你在浏览器中嵌入Azure媒体播放器,并从Azure播放视频。

For documents and email, you can look at Azure Rights Management, which uses a special client. It doesn't currently work in ordinary web browsers, unfortunately, except for one-off, single-use codes.

对于文档和电子邮件,您可以查看Azure权限管理,它使用一个特殊的客户机。不幸的是,除了一次性的单用途代码之外,它目前在普通的web浏览器中不能工作。

I'm not sure exactly how secure all this is, however. As others have pointed out, from a security point of view, once those downloaded bytes are in the "attacker's" RAM, they're as good as gone. No solution is 100% secure in this case (please correct me if I'm wrong). As with most security, the goal is to make it harder, so the 99% don't bother.

然而,我不确定这一切究竟有多安全。正如其他人指出的那样,从安全的角度来看,一旦这些下载的字节在“攻击者”的RAM中,它们就像消失了一样。在这种情况下没有任何解决方案是100%安全的(如果我错了请纠正我)。和大多数的安全一样,目标是让它变得更困难,所以99%的人都不麻烦。

#23


-1  

I think the best way is: STREAM THE VIDEO IN SEPARATED ENCRYPTED PARTS.

我认为最好的办法是:将视频分成不同的加密部分。

There are video hosting services such as vzaar that have this functionality. As far as I know, that will make it really hard to download directly. At least for 95% of the people.

有视频托管服务,如vzaar,有这个功能。据我所知,这将使直接下载变得非常困难。至少是95%的人。

But of course, if the video plays on the screen people can just use a screen recorder and some simple software to record sound from the audio output (but he/she will have to play the ENTIRE thing to save it, totally inconvenient).

但是当然,如果视频在屏幕上播放,人们可以使用一个屏幕录音机和一些简单的软件来记录音频输出的声音(但是他/她必须播放整个视频来保存,完全不方便)。

#1


74  

No, it's not possible.

不,这是不可能的。

If you can see it, you can get it.

如果你能看到它,你就能得到它。

#2


15  

Don't post them to your site.

不要把它们贴在你的网站上。

Otherwise it is not possible.

否则这是不可能的。

#3


10  

Images must be downloaded in order to be viewed by the client. Videos are a similar case, in many scenarios. You can setup proxy scripts to serve the files out, but that doesn't really solve the issue of preventing the user from getting their own copy. For a more thorough discussion of this topic, see the question How can I prevent/make it hard to download my flash video?

图片必须下载才能被客户端看到。在很多情况下,视频都是类似的情况。您可以设置代理脚本以服务这些文件,但这并不能真正解决防止用户获得自己的副本的问题。要更深入地讨论这个话题,请参见如何防止/使我的flash视频难以下载的问题。

#4


7  

In short, no. If someone can view an image or video in their browser then they have, by definition, downloaded it. That's how the web works - it is client server based. Whatever you can view in your browser (client) has been transfered to your computer from the remote website (server).

简而言之,没有。如果有人可以在浏览器中查看图片或视频,那么根据定义,他们可以下载它。这就是web的工作方式——它是基于客户端服务器的。您可以在浏览器(客户端)中查看的内容已经从远程网站(服务器)转移到您的计算机。

#5


7  

I'd like to add a more philosophical comment. The whole intent of the internet, particularly the World Wide Web, is to share data. If you don't want people to download a picture/video/document, don't put it on the web. It's really that simple. Too many people think they can impose their own rules on an existing design. Those who want to post content on the web, and control its distribution, are looking to have their cake and eat it too.

我想补充一句更有哲理的评论。互联网,特别是万维网,的全部目的是共享数据。如果你不想让人们下载图片/视频/文档,不要把它放到网上。真的那么简单。太多的人认为他们可以把自己的规则强加于现有的设计上。那些想要在网上发布内容,并控制其发行的人,都希望得到他们的蛋糕,并把它吃掉。

#6


6  

In standard HTML, I don't know of anyway.

在标准HTML中,我也不知道。

You didn't really say, but I'm guessing you are having problems with people deep linking into your content. If that's the case, and you are open to server side code, I believe this might work:

你并没有说,但我猜你和那些深入链接你的内容的人有问题。如果是这种情况,并且您对服务器端代码是开放的,我相信这可能会奏效:

  1. Create a page that accepts a numeric id, maps it to a server file path, opens that file, writes the binary directly to the response stream.
  2. 创建一个接受数字id的页面,将其映射到服务器文件路径,打开该文件,将二进制文件直接写入响应流。
  3. On the page request, generate a bunch of random ids, and map them to the actual media urls, and store that mapping object server side somewhere (in session?) with a limited life.
  4. 在页面请求中,生成一堆随机id,并将它们映射到实际的媒体url,并将映射对象服务器端存储在某个地方(会话中?),使用时间有限。
  5. Render your pages with your media links pointing to the new media page with the appropriate id as a query string argument.
  6. 使用指向新媒体页面的媒体链接呈现页面,并使用适当的id作为查询字符串参数。
  7. Clear the mapping object and generate all new links on every postback.
  8. 清除映射对象并在每个回发上生成所有新的链接。

This :

这样的:

  1. won't stop people from downloading from within your page
  2. 不会阻止人们从你的页面内下载
  3. definitely isn't as lightweight as standard HTML
  4. 绝对没有标准HTML那么轻量级
  5. and has it's own set of issues.
  6. 也有自己的问题。

But it's a general outline of a workable process which might help you prevent users from deep linking.

但是它是一个可操作过程的概要,可以帮助您防止用户进行深度链接。

#7


5  

As many have said, you can't stop someone from downloading content. You just can't.

正如许多人所说,你不能阻止某人下载内容。你不能。

But you can make it harder.

但是你可以让它变得更困难。

You can overlay images with a transparent div, which will prevent people from right clicking on them (or, setting the background of a div to the image will have the same effect).

您可以使用透明的div来覆盖图像,这将防止人们右键单击它们(或者,将div的背景设置为图像将具有相同的效果)。

If you're worried about cross-linking (ie, other people linking to your images, you can check the HTTP referrer and redirect requests which come from a domain which isn't yours to "something else".

如果您担心交叉链接(例如,其他人链接到您的映像),您可以检查HTTP referrer并将来自非您的域的请求重定向到“其他”。

#8


3  

It also doesn't hurt to watermark your images with Photoshop or even in Lightroom 3 now. Make sure the watermark is clear and in a conspicuous place on your image. That way if it's downloaded, at least you get the advertising!

使用Photoshop或者甚至是lightroom3也不会对你的图像进行水印。确保你的图像上的水印清晰醒目。这样的话,如果它被下载了,至少你得到了广告!

#9


3  

As the browser needs to transfer the content to display it (text, images, videos), the data is already on the client's computer when the website is displayed. Yet, as the previous answers give little advice on how to make it harder for non-experienced used to grab the content, here are some directions:

由于浏览器需要传输内容来显示它(文本、图像、视频),所以显示网站时数据已经在客户端计算机上。然而,正如之前的答案所给出的建议一样,如何让没有经验的人更难获取内容,以下是一些建议:

  • General
    • Overlay the respecitve content with a transparent <DIV> or a transparent image (as described in some answers to this question)
    • 用透明的
      或透明的图像覆盖尊重的内容(如对这个问题的一些回答所述)
    • Open the website in a frameset, so saving may miss the frame content.
    • 在一个框架集中打开网站,所以保存可能会错过框架内容。
    • Open the website via window.open() to hide the menu bar.
    • 通过windows . Open()打开网站,隐藏菜单栏。
    • Disable right-clicks via JavaScript (not recommended due to all the side-effects on usability)
    • 通过JavaScript禁用右击(由于对可用性的所有副作用不推荐)
    • Load the page's HTML code from another file (which may check for a specific referer or which may be ROT13) via JavaScript, so it's harder to access the source code.
    • 从另一个文件(可以通过JavaScript检查特定的引用者或ROT13)加载页面的HTML代码,因此很难访问源代码。
    • Tell the browser that all content is display:none for the printer (something like @media print { body, div, p { display: none } })
    • 告诉浏览器,所有内容都显示为display:none for the printer(比如@media print {body, div, p {display:none})
    • Use JavaScript to hide the content before a client makes a screenshot (see Stop User from using “Print Scrn”)
    • 使用JavaScript在客户端进行屏幕截图之前隐藏内容(请参见停止用户使用“Print Scrn”)
    • Try to disable or overwrite the clipboard (see this post)
    • 尝试禁用或覆盖剪贴板(请参阅本文)
  • 一般用一个透明的
    或一个透明的图像(正如在回答这个问题时所描述的)在一个框架集中打开网站,因此保存可能会丢失框架内容。通过windows . Open()打开网站,隐藏菜单栏。通过JavaScript禁用右击(由于可用性的所有副作用不建议这样做),从另一个文件(它可以通过JavaScript检查特定的引用者或ROT13)加载页面的HTML代码,因此很难访问源代码。告诉浏览器,所有内容显示:所有的打印机(类似@media打印{身体,div,p {显示:没有} })使用JavaScript来隐藏内容之前,客户端使截图(见阻止用户使用“打印Scrn”)试图禁用或覆盖剪贴板(见本文)
  • Images
    • Do not use the <img> tag for images but set the image as background for a <DIV>
    • 不要对图像使用如何防止从我的网站下载图像和视频文件?标记,而是将图像设置为
      的背景
    • Wrap images into SVGs or Flash movies to make them very hard to access in a usable format.
    • 将图像打包到SVGs或Flash影片中,使它们很难以一种可用的格式访问。
    • Disable caching for images (via <meta> tag or by setting the appropriate header on server delivery), so they are not stored in the browser cache (immeaditely accessible on the client's computer).
    • 禁用图像缓存(通过 标记或在服务器交付时设置适当的头),这样它们就不会存储在浏览器缓存中(在客户端计算机上immeaditaccess)。
    • Cut an image into parts, so it takes some extra work to reconstruct the whole image
    • 把一个图像分割成几个部分,这样就需要做一些额外的工作来重建整个图像
    • Add onmousedown events to images, e.g., display a copyright alert.
    • 向图像添加onmousedown事件,例如,显示版权警报。
    • Deliver the image via server script (e.g., PHP) and check the referer.
    • 通过服务器脚本(例如PHP)交付图像并检查引用者。
  • 图像不使用如何防止从我的网站下载图像和视频文件?标签进行图像处理,而是将图像设置为
    将图像打包成SVGs或Flash影片的背景,使它们很难以一种可用的格式访问。禁用图像缓存(通过 标记或在服务器交付时设置适当的头),这样它们就不会存储在浏览器缓存中(在客户端计算机上immeaditaccess)。将一个图像分割成几个部分,这样就需要做一些额外的工作来重建整个图像,比如向图像添加onmousedown事件,例如显示版权警报。通过服务器脚本(例如PHP)交付图像并检查引用者。
  • Videos
    • Stream videos to prevent simple downloading via URL.
    • 流视频,以防止简单下载通过URL。
    • Wrap videos into a Flash movie.
    • 将视频打包成Flash影片。
    • Use some nasty format that supports DRM.
    • 使用一些讨厌的支持DRM的格式。
  • 视频流视频,以防止简单的下载通过URL。将视频打包成Flash影片。使用一些讨厌的支持DRM的格式。
  • Texts
    • Make text unselectable (see How to make HTML Text unselectable)
    • 使文本不可选(参见如何使HTML文本不可选)
    • Additionally to overlaying, wrap the text into JavaScript (e.g., after ROT13 or loaded dynamically from a second file), so the text is not directly available in the source code.
    • 此外,还可以将文本封装到JavaScript中(例如,在ROT13之后或从第二个文件中动态加载),这样在源代码中就不能直接使用文本了。
    • Convert texts to images (this may decrease display quality), SVGs or Flash
    • 将文本转换为图像(这可能会降低显示质量)、SVGs或Flash
  • 文本使文本不可选(参见如何使HTML文本不可选)。此外,还可以将文本打包到JavaScript中(例如,ROT13之后或从第二个文件中动态加载),因此文本在源代码中不能直接使用。将文本转换为图像(这可能会降低显示质量)、SVGs或Flash

Again, I repeat that none of this will stop an experienced user from grabbing the content (e.g. by making a screenshop and - optionally - run OCR on it). Sometimes it's as easy as using the browser's developer tools or using the website without JavaScript. Yet, it will give inexperiences users a hard time, so they may look fom something easier to grab.

再次重申,所有这些都不能阻止一个有经验的用户抓取内容(例如,制作一个屏幕商店,并可选地在其上运行OCR)。有时候,它就像使用浏览器的开发工具或者使用没有JavaScript的网站一样简单。然而,这将给缺乏经验的用户带来困难,因此他们可能看起来更容易获取。

Also keep in mind that the above techniques will affect search engines when reading the page's content (if you're interested in blocking them, start with a robots.txt).

还要记住,在阅读页面内容时,上述技术将影响搜索引擎(如果您有兴趣屏蔽它们,请从robots.txt开始)。

Thank you for any other ideas to complement the above list!

谢谢您的其他想法,以补充以上的清单!

#10


3  

If you are using PHP, the best way is to control it the .htaccess, you need to put your files, images and videos under consideration in a separate folder/directory, and create a new .htaccess file in this directory with the below:

如果您正在使用PHP,最好的方法是控制.htaccess,您需要将正在考虑的文件、图像和视频放在一个单独的文件夹/目录中,并在这个目录中创建一个新的.htaccess文件,如下所示:

RewriteEngine On
RewriteCond %{REQUEST_URI} \.(mp4|mp3|avi)$ [NC]
RewriteCond %{HTTP_REFERER} !^http://sample.com/.*$ [NC]
RewriteRule ^.* - [F,L]

The first line %{REQUEST_URI} will prevent getting the file through the web browser, or through curl. The second line %{HTTP_REFERER} will prevent accessing the imahe/video using HTML tags <img> or <video> from any website except the exception ! you provide instead of http://sample.com/ which usually should be your website itself.

第一行%{REQUEST_URI}将防止通过web浏览器或curl获取文件。第二行%{HTTP_REFERER}将阻止使用HTML标记访问imahe/视频如何防止从我的网站下载图像和视频文件?或 <视频> ,除了例外!你提供的不是http://sample.com/,通常应该是你的网站本身。

You can also have a look at my question and the accepted answer here for more tricks in the browser side.

您还可以查看我的问题和在浏览器方面的更多技巧的公认答案。

#11


2  

you can reduce the possibility but not eliminate it...

你可以减少这种可能性,但不能消除它。

#12


2  

This is how I do it in case anyone in the future is wondering.

我就是这样做的,以防将来有人想知道。

I put this in the .htaccess file on the root server:

我把它放在根服务器的.htaccess文件中:

RewriteEngine on 
RewriteCond %{HTTP_REFERER} !^http://(www\.)?domain.com/ [NC] 
RewriteCond %{HTTP_REFERER} !^http://(www\.)?domain.com.*$ [NC]
RewriteRule \.(mp4|avi)$ - [F]

This stops them from say going to domain.com/videos/myVid.mp4 and then saving it from there.

这阻止了他们进入domain.com/videos/myvi .mp4,然后从那里保存。

#13


1  

No it's not. You may block right-clicks and simillar stuff but if someone wants to download it, he will do so, trust me ;)

不,它不是。你可能会屏蔽右击和simillar之类的东西,但如果有人想下载,他会这么做的,相信我;

#14


1  

As soon as they view your page that includes the picture or video, the item is downloaded into the temporary folder of their browser. So if you don't want it downloaded, don't post it.

只要他们看到包含图片或视频的页面,这个项目就会被下载到他们浏览器的临时文件夹中。所以如果你不想下载,就不要发布。

#15


1  

You can mark folders or files so that they don't have read access (any of the main web servers support this). This allows you to store them on the server without any level of access to the outside world. You may want to do this if you have a service that generates images for someone else to download later, or if you use your web account for FTP access, but don't want anyone to view the files. (i.e. upload a .bak file to the server for someone else to FTP down again).

您可以标记文件夹或文件,使它们没有读访问权限(任何主要web服务器都支持这一点)。这允许您将它们存储在服务器上,而无需任何级别的访问外部世界。如果您有一个服务生成图片供其他人下载,或者您使用您的web帐户进行FTP访问,但是不希望任何人查看这些文件,您可能希望这样做。(也就是说,把一个.bak文件上传到服务器上,让其他人再用FTP上传)。

However, as others have said, getting into copyright areas where people can view the image or video but not save them locally is not fully possibly, although there are tools to discourage illegal usage.

然而,正如其他人所说,进入人们可以看到图片或视频但不能在本地保存的版权区域并不完全可能,尽管有一些工具可以阻止非法使用。

#16


1  

Put your image or video in flash format. Works great.

将你的图像或视频以flash格式显示。伟大的工作。

#17


1  

This is an old post, but for video you might want to consider using MPEG-DASH to obfuscate your files. Plus, it will provide a better streaming experience for your users without the need for a separate streaming server. More info in this post: How to disable video/audio downloading in web pages?

这是一个旧的帖子,但是对于视频,您可能需要考虑使用MPEG-DASH来混淆您的文件。此外,它将为您的用户提供更好的流媒体体验,而不需要单独的流媒体服务器。更多信息在这篇文章:如何禁用视频/音频下载网页?

#18


0  

Granted that any image the user can see will be able to be saved on the computer and there is nothing you can do about it. Now if you want to block access to other images that the user is not supposed to see, I am actually doing it that way:

假定用户看到的任何图像都可以保存在计算机上,对此您无能为力。如果你想阻止用户访问其他用户不应该看到的图片,我实际上是这么做的:

  • Every link is to the "src" in your image tag is in fact a request send to a controller on the server,
  • 每个链接到图像标签中的“src”实际上是发送给服务器上控制器的请求,
  • the server checks the access rights of that specific user, and returns the image if the user is supposed to have access to it,
  • 服务器检查特定用户的访问权限,如果用户有访问权限,服务器返回图像,
  • all images are stored in a directory that is not directly accessible from the browser.
  • 所有图像都存储在一个不能从浏览器直接访问的目录中。

Benefit:

好处:

  • The user will not have access to anything that you don't intent him/her to have access to
  • 用户将无法访问任何您不希望他/她访问的内容

Drawback:

缺点:

  • Those requests are slow.. especially is there are lots of images on the same page. I haven't found a good way to accelerate that in fact..
  • 这些请求慢. .尤其是在同一页上有很多图片。事实上,我还没有找到加速的好办法。

#19


0  

You can set the image to be background image and have a transparent foreground image.

您可以将图像设置为背景图像,并拥有一个透明的前景图像。

#20


0  

You can't stop image/video theft but you can make harder for normal users but you can't make it harder for the programmers like us (I mean thieves that know little web programming).

你无法阻止图像/视频被盗,但你可以让普通用户更难,但你不能让我们这样的程序员更难(我指的是不懂web编程的小偷)。

There are some tricks you can try:

你可以尝试一些技巧:

1.) Using flash as YouTube and many others sites like http://www.funnenjoy.com does.

1)。像YouTube和http://www.漏斗网这样的网站一样使用flash。

2.) Div overlaping or background pic setting (but users with little sense can easily save all resources by opening inspect element or other developer option).

2)。Div覆盖或背景图片设置(但是没有什么意义的用户可以通过打开inspect元素或其他开发人员选项轻松地保存所有资源)。

3.) You can disable right click and specific keys like CTRL + S and others possibles with JavaScript but main drawback is that if user disable JavaScript our all tricks fail down.

3)。您可以禁用右键和特定的键,如CTRL + S和其他可能的JavaScript,但主要缺点是如果用户禁用JavaScript,我们的所有技巧将失败。

4.) Save image in none online directories (if you have full access to web server) and read that files with server side languages like PHP every time when image / video is required and change image id time to time or create script that can automatically change ID after every access.

4)。将图像保存在none在线目录中(如果您可以完全访问web服务器),并在每次需要图像/视频时使用PHP等服务器端语言读取文件,并将图像id时间更改为time,或者创建脚本,在每次访问后自动更改id。

5.) Use .htaccess in apache to prevent linking of your images by others sites. you can use this site to automatically generate .htacess http://www.htaccesstools.com/hotlink-protection/

5)。在apache中使用.htaccess防止其他站点链接您的映像。您可以使用此站点自动生成.htacess http://www.htaccesstools.com/hotlink-protection/

#21


0  

Insert a transparent gif 1px x 1px just inside the <body> tag:

在标签内插入透明的gif 1px x 1px:

<body><img src="route-to-images/blim.gif" class="blimover">

Then style it with this:

然后这样设计:

.blimover {
  width: 100% !important;
  height: 100% !important;
  z-index: 1000 !important;
  position: absolute !important;
  top: 0 !important;
  left: 0 !important;
}

This will remove any click functionality from a page, but it sure stops people stealing any content!

这将从页面上删除任何点击功能,但它确实阻止人们窃取任何内容!

You can apply the same to a <div>, <section>, <article> etc, just name accordingly and prevent your copy and/or images being ripped.

您可以对

等应用相同的名称,并防止您的拷贝和/或图像被撕裂。

Nothing stops a screengrab though ... ...

但是没有什么能阻止屏幕抓取……

#22


0  

If you want only authorised users to get the content, both the client and the server need to use encryption.

如果只希望授权用户获取内容,客户端和服务器都需要使用加密。

For video and audio, a good solution is Azure Media Services, which has content protection and encryption. You embed the Azure media player in your browser and it streams the video from Azure.

对于视频和音频,一个好的解决方案是Azure媒体服务,它有内容保护和加密。你在浏览器中嵌入Azure媒体播放器,并从Azure播放视频。

For documents and email, you can look at Azure Rights Management, which uses a special client. It doesn't currently work in ordinary web browsers, unfortunately, except for one-off, single-use codes.

对于文档和电子邮件,您可以查看Azure权限管理,它使用一个特殊的客户机。不幸的是,除了一次性的单用途代码之外,它目前在普通的web浏览器中不能工作。

I'm not sure exactly how secure all this is, however. As others have pointed out, from a security point of view, once those downloaded bytes are in the "attacker's" RAM, they're as good as gone. No solution is 100% secure in this case (please correct me if I'm wrong). As with most security, the goal is to make it harder, so the 99% don't bother.

然而,我不确定这一切究竟有多安全。正如其他人指出的那样,从安全的角度来看,一旦这些下载的字节在“攻击者”的RAM中,它们就像消失了一样。在这种情况下没有任何解决方案是100%安全的(如果我错了请纠正我)。和大多数的安全一样,目标是让它变得更困难,所以99%的人都不麻烦。

#23


-1  

I think the best way is: STREAM THE VIDEO IN SEPARATED ENCRYPTED PARTS.

我认为最好的办法是:将视频分成不同的加密部分。

There are video hosting services such as vzaar that have this functionality. As far as I know, that will make it really hard to download directly. At least for 95% of the people.

有视频托管服务,如vzaar,有这个功能。据我所知,这将使直接下载变得非常困难。至少是95%的人。

But of course, if the video plays on the screen people can just use a screen recorder and some simple software to record sound from the audio output (but he/she will have to play the ENTIRE thing to save it, totally inconvenient).

但是当然,如果视频在屏幕上播放,人们可以使用一个屏幕录音机和一些简单的软件来记录音频输出的声音(但是他/她必须播放整个视频来保存,完全不方便)。