Month's top: Whynotsignup00 with 28$
Want LAH to translate a manga for you?
Little Angels Hentai Forum Index
It's for you!
Q's about direct linking prevention
Goto page 1, 2, 3  Next
 
Compose reply Little Angels Hentai Forum Index » Help and test-post forum View previous thread
View next thread
DMCA
Q's about direct linking prevention
Author Message
jacxxx
Earth Angel
Warnings:
Posts: 1308

Post Q's about direct linking prevention Quote
In the Loli gifs thread here it occurred to me that I don't really understand why we have to change http to hxxp for external links.

In the first place the RULES AND FAQ seem to make no difference between internal and external links, but since LAH itself uses http for internal references (e.g. "Attachment already posted. If you really need to include it in your post, add this line to your post: http://littleangelshentai.net/forum/download.php?id=107068"), it is clear that the rule applies to external links only. Q1: did I interpret the present R&F's correctly and has the external character of this rule to be added?

It seems to be common knowledge (but I didn´t know Embarassed), it is done "to prevent inline linking". According to hxxp://en.wikipedia.org/wiki/Inline_linking : "Inline linking (also known as hotlinking, leeching, piggy-backing, direct linking, offsite image grabs, bandwidth theft) is the use of a linked object, often an image, from one site by a web page belonging to a second site. The second site is said to have an inline link to the site where the object is located." Q2: How much damage would occur, if any, when we didn't follow this rule?


_________________
My avatar shows the first encounter of Yuki in the Land of Eternal Snow. Yuki would become my favorite character in the on-going Mystics Saga by arrancar85 In Love
Mon Jun 18, 2012 8:10 am Profile PM
ult_combo
Matrix Angel
Warnings:
Posts: 1235

Post Quote
I think this question has been very well explained in many topics and I'm not the most suitable person to explain it, but well:

ult_combo:
The hxxp is to prevent hot-linking, that's to prevent forwarding referrers so file-hosting sites don't know you're coming from LAH. Many host sites have deleted all files that were linked from LAH already, with the hxxp/code tags we technically prevent them from having this information and making a mass file deletion from our posts. That's just to keep our files safer, per se.
(source)

Addition: not only file-hosters, but other sites (image hosting, forums etc) could also blacklist us. I've mentioned file-hosters as they're probably the most significant part which can use the referrer info to mass delete our contributions. Smile


_________________
My main MF acc was suspended, use other mirrors until I re-up it all to a new host.



There is no knowledge that is not power.
Our only limitations are those we set up in our own minds.
Perfection is achieved, not when there is nothing more to add, but when there is nothing left to take away.
Measuring software productivity by lines of code is like measuring progress on an airplane by how much it weighs.
Programming is an art form, whose real value can only be appreciated by another versed in the same arcane art.
Mon Jun 18, 2012 9:10 am Profile PM MSN Skype
jacxxx
Earth Angel
Warnings:
Posts: 1308

Post My conclusions + Q3 Quote
Thank you very much for your quick and clear answer to Q2, ult!
ult_combo:
I think this question has been very well explained in many topics ...
Right above I referred to " ... the Loli gifs thread here " in which I said "in http://littleangelshentai.net/forum/viewtopic.php?p=10355#10355 I found a reason that sounds reasonable why to use hxxp for external links. And I guess: may be internal links never give "band-width" problems ... Until further notice I continue myself not to use hxxp for internal links".
One post further in the Loli gifs thread Elec corrected me - ty too Elec! - but I was not immediately convinced because I didn't understand him Embarassed.
That's why I asked Q1 + Q2 in this forum again.

My conclusion 1: Q2 has indeed been explained before, but not always very well.

ult_combo:
ult_combo:
The hxxp is to prevent hot-linking, that's to prevent forwarding referrers so file-hosting sites don't know you're coming from LAH. Many host sites have deleted all files that were linked from LAH already, with the hxxp/code tags we technically prevent them from having this information and making a mass file deletion from our posts. That's just to keep our files safer, per se.
(source)

Addition: not only file-hosters, but other sites (image hosting, forums etc) could also blacklist us. I've mentioned file-hosters as they're probably the most significant part which can use the referrer info to mass delete our contributions. Smile

My conclusion 2: This sounds very reasonable, especially since some file-hosters don't seem to like loli's Surprised

Tentative conclusion 3: a better title for "Q's about direct linking prevention" would be "Q's about blacklist prevention"?

More questions: I never dared to ask, and I know I couldn't find it in the past, when I first began to use it ...
Q3: How does a code field help to prevent linked sites from knowing the LAH address?

It is clear that the hxxp/code rule applies to external links only.
Q1 (repeated): did I interpret the present Rules & FAQ's correctly and has the external character of this rule to be added? Our Beginner Angel Lokimani now still is going to use hxxp for all links, I think (see http://littleangelshentai.net/forum/viewtopic.php?p=275623#275623 ) Smile


_________________
My avatar shows the first encounter of Yuki in the Land of Eternal Snow. Yuki would become my favorite character in the on-going Mystics Saga by arrancar85 In Love
Tue Jun 19, 2012 5:33 pm Profile PM
Werweißschon
Hikki Angel
Warnings:
Posts: 6191

Post Re: My conclusions + Q3 Quote
jacxxx:
...
Q3: How does a code field help to prevent linked sites from knowing the LAH address?...

By putting a link into the code field (without adding the url tags) like this (just took the first one I saw for reference):
Code:
http://littleangelshentai.net/forum/viewtopic.php?p=275695#275695
they should normally be not directly click-to-open-able so people are supposed to copy the link and paste it into a new tab/browser (whatever they prefer). Of course this only works if they are smart enough to actually put it in a new one and not in the already open one (I guess this would have the same effect as using a unhxxped link), so I prefer to hxxp them.

Tue Jun 19, 2012 6:23 pm Profile PM
Sat
Star Angel
Warnings:
Posts: 7535

Post Quote
The code tags have been tolerated, but they mostly do not work as intended.

We are exploring the different possibilities to change this in the future.
Though the only reasonable system that would actually do what we need would require
people to copy and paste twice. Not sure if anyone wants that.


_________________

Some people say, the universe is a Star Ocean!

Want to donate to keep the site up? PM me for possible donation ways!
We now also accept Bitcoin.

Got a suggestion on how we can improve LAH? Post it here or vote for other people's suggestions!
Tue Jun 19, 2012 8:56 pm Profile PM WWW Skype
ult_combo
Matrix Angel
Warnings:
Posts: 1235

Post Quote
@Sat
I could easily add a "copy" button with zeroClipboard to the ShareCodes mod to automatically copy the URL+sharecode to the clipboard, but well this is talk for the Projects/Dev team and with the 2 major projects under the way it'd take some time to consider the usability and viability for this addon. Razz

@topic
Q3: I usually go to hxxp://www.stardrifter.org/cgi-bin/ref.cgi for testing. If you normally copy the link, open a new tab and un-hxxp it, you'll see an empty "Referer:" field.

Now try this one:
Code:
http://www.stardrifter.org/cgi-bin/ref.cgi
If you select the URL, right click it and select "Open in a new tab" (in Firefox), it'll display that you're coming from LAH. If you select the URL, right click and choose "Go to <url>" (Chrome), it will display an empty referer field.

In conclusion, there are inconsistencies across browsers when handling this situation, but it's no longer 100% safe as it used to be when the rule was implemented. Razz


_________________
My main MF acc was suspended, use other mirrors until I re-up it all to a new host.



There is no knowledge that is not power.
Our only limitations are those we set up in our own minds.
Perfection is achieved, not when there is nothing more to add, but when there is nothing left to take away.
Measuring software productivity by lines of code is like measuring progress on an airplane by how much it weighs.
Programming is an art form, whose real value can only be appreciated by another versed in the same arcane art.
Wed Jun 20, 2012 3:45 am Profile PM MSN Skype
jacxxx
Earth Angel
Warnings:
Posts: 1308

Post Quote
Werweißschon:
By putting a link into the code field (without adding the url tags) ... it should normally be not directly click-to-open-able so people are supposed to copy the link and paste it into a new tab...
That's it! I never realized it. So simple! Embarassed
Werweißschon:
... this only works if they ... put it in a new tab and not in the already open one ...
This seems to be a firefox problem.
Werweißschon:
... so I prefer to hxxp them.
You may be right, but.. when you select in this example "hxxp://www.stardrifter.org/ " only the last part " www.stardrifter.org/ " and open it with a right mouse-click, I assume in firefox you have the same problem? (you may check this using ult's stardrifter test).
Sat:
...the only reasonable system that would actually do what we need would require
people to copy and paste twice...
?Can you be more specific?

Q4: Isn't it possible to automatically send all requests to external links back to the requester who may then choose to open the given external link from his own address by answering yes or no?

@ult_combo: using opera I didn't get any unwanted referer information from stardrifter. But ... perhaps www.stardrifter.org/cgi-bin/ref.cgi only works when using firefox?


_________________
My avatar shows the first encounter of Yuki in the Land of Eternal Snow. Yuki would become my favorite character in the on-going Mystics Saga by arrancar85 In Love
Wed Jun 20, 2012 8:38 am Profile PM
Electricus
Angel of the Face
Warnings:
Posts: 14092

Post Re: My conclusions + Q3 Quote
jacxxx:
One post further in the Loli gifs thread Elec corrected me - ty too Elec! - but I was not immediately convinced because I didn't understand him Embarassed.
You don't have to understand me to know I'm right.

Wed Jun 20, 2012 9:07 am Profile PM
frzangel
No Life Angel
Warnings: Warning
Posts: 4219

Post Quote
Electricus:
You don't have to understand me to know I'm right.
Razz

We can add anonym.to to the links as well.


_________________

DON'T ASK FOR PASS IN PM! READ THE RULES AND FAQ!
Wed Jun 20, 2012 11:20 am Profile PM
Sat
Star Angel
Warnings:
Posts: 7535

Post Quote
jacxxx:
?Can you be more specific?

Yes, basically, the url would be split into two separate fields and you would have to copy each of them and paste them together into a new window/tab to get the url. I know sites using this system.


_________________

Some people say, the universe is a Star Ocean!

Want to donate to keep the site up? PM me for possible donation ways!
We now also accept Bitcoin.

Got a suggestion on how we can improve LAH? Post it here or vote for other people's suggestions!
Wed Jun 20, 2012 2:29 pm Profile PM WWW Skype
ult_combo
Matrix Angel
Warnings:
Posts: 1235

Post Quote
jacxxx:
@ult_combo: using opera I didn't get any unwanted referer information from stardrifter. But ... perhaps www.stardrifter.org/cgi-bin/ref.cgi only works when using firefox?
Well, selecting a non-clickable URL in a page and opening it in a new tab wasn't a browser's standard feature until a couple years ago, and it's not very standard yet either so different browsers tend to implement it differently.

I linked the stardrifter site just because it's a free hosted simple page, but actually, you can just run 2 lines of PHP code:
Code:
$ref = (isset($_SERVER["HTTP_REFERER"])) ? $_SERVER["HTTP_REFERER"] : '';
echo 'Referer: ' . $ref;
Even on your localhost (as long as you have an apache or similar PHP server running) and you'll have a test page for referer testing. Razz

(Note that echo "Referer: $ref"; is perfectly valid as well but I prefer concatenating the string literal with the string var 'cause I find it more readable in the syntax highlighter Razz)


_________________
My main MF acc was suspended, use other mirrors until I re-up it all to a new host.



There is no knowledge that is not power.
Our only limitations are those we set up in our own minds.
Perfection is achieved, not when there is nothing more to add, but when there is nothing left to take away.
Measuring software productivity by lines of code is like measuring progress on an airplane by how much it weighs.
Programming is an art form, whose real value can only be appreciated by another versed in the same arcane art.


Last edited by ult_combo on Wed Jun 12, 2013 10:48 am; edited 1 time in total
Wed Jun 20, 2012 8:24 pm Profile PM MSN Skype
fijneman
Nova Angel
Warnings: Warning
Posts: 2037

Post Quote
Does any one know plugin for Firefox (or Greasemonkey script) to auto change hxxp to http? I'm so lazy to open links in a new tab and edit them Crying or Very sad

Wed Jun 20, 2012 9:00 pm Profile PM
ult_combo
Matrix Angel
Warnings:
Posts: 1235

Post Quote
fijneman:
Does any one know plugin for Firefox (or Greasemonkey script) to auto change hxxp to http? I'm so lazy to open links in a new tab and edit them Crying or Very sad
It doesn't take more than a couple lines of JS to replace all hxxp||hxxps links for http||https. However, as said by Sat not too long ago (can't find the reference atm) it'd defeat the purpose of having hxxp links to prevent hotlinking. Razz

However, there might be other options.. Maybe I could try some JS which forces a window/tab to be opened "without" sending referer headers (most likely would require some workarounds), or replace their href attribute with anonym.to http'd links. Obviously all of this would require throughout testing and I have a lot of work to do atm. I'm open to suggestions however. Razz


edit: Here's one reference.

edit: Couple sites for testing:
hxxp://www.stardrifter.org/cgi-bin/ref.cgi
hxxp://cstsi.ifsul.edu.br/autofluxo/ult_combo/ref.php


_________________
My main MF acc was suspended, use other mirrors until I re-up it all to a new host.



There is no knowledge that is not power.
Our only limitations are those we set up in our own minds.
Perfection is achieved, not when there is nothing more to add, but when there is nothing left to take away.
Measuring software productivity by lines of code is like measuring progress on an airplane by how much it weighs.
Programming is an art form, whose real value can only be appreciated by another versed in the same arcane art.
Wed Jun 20, 2012 9:46 pm Profile PM MSN Skype
ult_combo
Matrix Angel
Warnings:
Posts: 1235

Post Quote
Alright, as requested by @fijneman, the UserScript to turn LAH's hxxp links clickable:
Code:
http://userscripts.org/scripts/show/136654

Features:
- Allow left clicking hxxp links to open in new tab/window;
- Turn code block links clickable as well (experimental, read below);
- All generated links go through anonymz.com, effectively preventing hosts from getting any referer info.

Notes:
I had to add one workaround to don't break existing links inside code blocks *ahem*:
Code:
  www.example.com
Bug for which I submitted a fix last month but I guess Sat forgot to implement it and I just realized our forum software was causing some bugs even in the copypasta of the fix code. Re-submitted the fix now. Razz

This version is stable and fully tested on Firefox (Nightly) 16a and Chrome 19. I'll upload a new version of this plugin when the www. code block hotlinking fix gets implemented.

Report if you find any bugs.

edit: Uploaded a new version which utilizes anonymz.com instead of anonym.to, as MF currently blocks anonym.to in Chrome. Thanks Sat for the report & new redirect site.


_________________
My main MF acc was suspended, use other mirrors until I re-up it all to a new host.



There is no knowledge that is not power.
Our only limitations are those we set up in our own minds.
Perfection is achieved, not when there is nothing more to add, but when there is nothing left to take away.
Measuring software productivity by lines of code is like measuring progress on an airplane by how much it weighs.
Programming is an art form, whose real value can only be appreciated by another versed in the same arcane art.
Thu Jun 21, 2012 3:53 am Profile PM MSN Skype
jacxxx
Earth Angel
Warnings:
Posts: 1308

Post Quote
ult_combo:
Alright, as requested by @fijneman, the UserScript to turn LAH's hxxp links clickable:
Code:
http://userscripts.org/scripts/show/136654
I opened your userscript and source code, but... how do I implement it in my browser?


_________________
My avatar shows the first encounter of Yuki in the Land of Eternal Snow. Yuki would become my favorite character in the on-going Mystics Saga by arrancar85 In Love
Thu Jun 21, 2012 7:08 am Profile PM
Display posts from previous:    
Options Quick Reply
Show Smilies

 
Compose reply Quick reply Little Angels Hentai Forum Index » Help and test-post forum All times are GMT
Goto page 1, 2, 3  Next
Page 1 of 3

 
Jump to: 
You can post new threads in this forum
You can reply to threads in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum


Do not upload or mention any illegal content. Violators will be reported to the authorities. You are responsible for your uploads and actions.
If it is illegal for you to view adult lolikon material in your current location, leave this site immediately.
LAH is in compliance with DMCA.
LAH works best with JavaScript enabled. Enable it for a better experience. (´・ω・`)
Your browser is outdated and insecure! Please update your browser to fully enjoy LAH.