|
Author |
Message |
jacxxx
Beginner Angel
Warnings:
Posts: 14
|
Q's about direct linking prevention |
Quote |
In the Loli gifs thread here it occurred to me that I don't really understand why we have to change http to hxxp for external links.
In the first place the RULES AND FAQ seem to make no difference between internal and external links, but since LAH itself uses http for internal references (e.g. "Attachment already posted. If you really need to include it in your post, add this line to your post: http://littleangelshentai.net/forum/download.php?id=107068"), it is clear that the rule applies to external links only. Q1: did I interpret the present R&F's correctly and has the external character of this rule to be added?
It seems to be common knowledge (but I didn´t know ), it is done "to prevent inline linking". According to hxxp://en.wikipedia.org/wiki/Inline_linking : "Inline linking (also known as hotlinking, leeching, piggy-backing, direct linking, offsite image grabs, bandwidth theft) is the use of a linked object, often an image, from one site by a web page belonging to a second site. The second site is said to have an inline link to the site where the object is located." Q2: How much damage would occur, if any, when we didn't follow this rule?
_________________ My avatar shows the first encounter of Yuki in the Land of Eternal Snow. Yuki would become my favorite character in the on-going Mystics Saga by arrancar85 |
|
|
Mon Jun 18, 2012 8:10 am |
Profile PM
|
|
ult_combo
Matrix Angel
Warnings:
Posts: 86
|
|
Quote |
I think this question has been very well explained in many topics and I'm not the most suitable person to explain it, but well:
ult_combo: The hxxp is to prevent hot-linking, that's to prevent forwarding referrers so file-hosting sites don't know you're coming from LAH. Many host sites have deleted all files that were linked from LAH already, with the hxxp/code tags we technically prevent them from having this information and making a mass file deletion from our posts. That's just to keep our files safer, per se. (source)
Addition: not only file-hosters, but other sites (image hosting, forums etc) could also blacklist us. I've mentioned file-hosters as they're probably the most significant part which can use the referrer info to mass delete our contributions.
_________________ My main MF acc was suspended, use other mirrors until I re-up it all to a new host.
There is no knowledge that is not power.
Our only limitations are those we set up in our own minds.
Perfection is achieved, not when there is nothing more to add, but when there is nothing left to take away.
Measuring software productivity by lines of code is like measuring progress on an airplane by how much it weighs.
Programming is an art form, whose real value can only be appreciated by another versed in the same arcane art. |
|
|
Mon Jun 18, 2012 9:10 am |
Profile PM MSN Skype
|
|
jacxxx
Beginner Angel
Warnings:
Posts: 14
|
My conclusions + Q3 |
Quote |
Thank you very much for your quick and clear answer to Q2, ult!ult_combo: I think this question has been very well explained in many topics ... Right above I referred to " ... the Loli gifs thread here " in which I said "in http://littleangelshentai.net/forum/viewtopic.php?p=10355#10355 I found a reason that sounds reasonable why to use hxxp for external links. And I guess: may be internal links never give "band-width" problems ... Until further notice I continue myself not to use hxxp for internal links".
One post further in the Loli gifs thread Elec corrected me - ty too Elec! - but I was not immediately convinced because I didn't understand him .
That's why I asked Q1 + Q2 in this forum again.
My conclusion 1: Q2 has indeed been explained before, but not always very well.
ult_combo:
ult_combo: The hxxp is to prevent hot-linking, that's to prevent forwarding referrers so file-hosting sites don't know you're coming from LAH. Many host sites have deleted all files that were linked from LAH already, with the hxxp/code tags we technically prevent them from having this information and making a mass file deletion from our posts. That's just to keep our files safer, per se. (source)
Addition: not only file-hosters, but other sites (image hosting, forums etc) could also blacklist us. I've mentioned file-hosters as they're probably the most significant part which can use the referrer info to mass delete our contributions.
My conclusion 2: This sounds very reasonable, especially since some file-hosters don't seem to like loli's
Tentative conclusion 3: a better title for "Q's about direct linking prevention" would be "Q's about blacklist prevention"?
More questions: I never dared to ask, and I know I couldn't find it in the past, when I first began to use it ...
Q3: How does a code field help to prevent linked sites from knowing the LAH address?
It is clear that the hxxp/code rule applies to external links only.
Q1 (repeated): did I interpret the present Rules & FAQ's correctly and has the external character of this rule to be added? Our Beginner Angel Lokimani now still is going to use hxxp for all links, I think (see http://littleangelshentai.net/forum/viewtopic.php?p=275623#275623 )
_________________ My avatar shows the first encounter of Yuki in the Land of Eternal Snow. Yuki would become my favorite character in the on-going Mystics Saga by arrancar85 |
|
|
Tue Jun 19, 2012 5:33 pm |
Profile PM
|
|
Werweißschon
Beginner Angel
Warnings:
Posts: 17
|
Re: My conclusions + Q3 |
Quote |
jacxxx: ...
Q3: How does a code field help to prevent linked sites from knowing the LAH address?...
By putting a link into the code field (without adding the url tags) like this (just took the first one I saw for reference):
| | http://littleangelshentai.net/forum/viewtopic.php?p=275695#275695 | they should normally be not directly click-to-open-able so people are supposed to copy the link and paste it into a new tab/browser (whatever they prefer). Of course this only works if they are smart enough to actually put it in a new one and not in the already open one (I guess this would have the same effect as using a unhxxped link), so I prefer to hxxp them.
|
|
Tue Jun 19, 2012 6:23 pm |
Profile PM
|
|
Sat
Star Angel
Warnings:
Posts: 7539
|
|
Quote |
The code tags have been tolerated, but they mostly do not work as intended.
We are exploring the different possibilities to change this in the future.
Though the only reasonable system that would actually do what we need would require
people to copy and paste twice. Not sure if anyone wants that.
_________________
Some people say, the universe is a Star Ocean!
Want to donate to keep the site up? PM me for possible donation ways!
We now also accept Bitcoin.
Got a suggestion on how we can improve LAH? Post it here or vote for other people's suggestions! |
|
|
Tue Jun 19, 2012 8:56 pm |
Profile PM WWW Skype
|
|
ult_combo
Matrix Angel
Warnings:
Posts: 86
|
|
Quote |
@Sat
I could easily add a "copy" button with zeroClipboard to the ShareCodes mod to automatically copy the URL+sharecode to the clipboard, but well this is talk for the Projects/Dev team and with the 2 major projects under the way it'd take some time to consider the usability and viability for this addon.
@topic
Q3: I usually go to hxxp://www.stardrifter.org/cgi-bin/ref.cgi for testing. If you normally copy the link, open a new tab and un-hxxp it, you'll see an empty "Referer:" field.
Now try this one: | | http://www.stardrifter.org/cgi-bin/ref.cgi | If you select the URL, right click it and select "Open in a new tab" (in Firefox), it'll display that you're coming from LAH. If you select the URL, right click and choose "Go to <url>" (Chrome), it will display an empty referer field.
In conclusion, there are inconsistencies across browsers when handling this situation, but it's no longer 100% safe as it used to be when the rule was implemented.
_________________ My main MF acc was suspended, use other mirrors until I re-up it all to a new host.
There is no knowledge that is not power.
Our only limitations are those we set up in our own minds.
Perfection is achieved, not when there is nothing more to add, but when there is nothing left to take away.
Measuring software productivity by lines of code is like measuring progress on an airplane by how much it weighs.
Programming is an art form, whose real value can only be appreciated by another versed in the same arcane art. |
|
|
Wed Jun 20, 2012 3:45 am |
Profile PM MSN Skype
|
|
jacxxx
Beginner Angel
Warnings:
Posts: 14
|
|
Quote |
Werweißschon: By putting a link into the code field (without adding the url tags) ... it should normally be not directly click-to-open-able so people are supposed to copy the link and paste it into a new tab... That's it! I never realized it. So simple! Werweißschon: ... this only works if they ... put it in a new tab and not in the already open one ... This seems to be a firefox problem.Werweißschon: ... so I prefer to hxxp them. You may be right, but.. when you select in this example "hxxp://www.stardrifter.org/ " only the last part " www.stardrifter.org/ " and open it with a right mouse-click, I assume in firefox you have the same problem? (you may check this using ult's stardrifter test).
Sat: ...the only reasonable system that would actually do what we need would require
people to copy and paste twice... ?Can you be more specific?
Q4: Isn't it possible to automatically send all requests to external links back to the requester who may then choose to open the given external link from his own address by answering yes or no?
@ult_combo: using opera I didn't get any unwanted referer information from stardrifter. But ... perhaps www.stardrifter.org/cgi-bin/ref.cgi only works when using firefox?
_________________ My avatar shows the first encounter of Yuki in the Land of Eternal Snow. Yuki would become my favorite character in the on-going Mystics Saga by arrancar85 |
|
|
Wed Jun 20, 2012 8:38 am |
Profile PM
|
|
Electricus
Angel of the Face
Warnings:
Posts: 315
|
Re: My conclusions + Q3 |
Quote |
jacxxx: One post further in the Loli gifs thread Elec corrected me - ty too Elec! - but I was not immediately convinced because I didn't understand him . You don't have to understand me to know I'm right.
|
|
Wed Jun 20, 2012 9:07 am |
Profile PM
|
|
frzangel
Tiny Angel
Warnings:
Posts: 2
|
|
Quote |
Electricus: You don't have to understand me to know I'm right.
We can add anonym.to to the links as well.
_________________
DON'T ASK FOR PASS IN PM! READ THE RULES AND FAQ! |
|
|
Wed Jun 20, 2012 11:20 am |
Profile PM
|
|
Sat
Star Angel
Warnings:
Posts: 7539
|
|
Quote |
jacxxx: ?Can you be more specific?
Yes, basically, the url would be split into two separate fields and you would have to copy each of them and paste them together into a new window/tab to get the url. I know sites using this system.
_________________
Some people say, the universe is a Star Ocean!
Want to donate to keep the site up? PM me for possible donation ways!
We now also accept Bitcoin.
Got a suggestion on how we can improve LAH? Post it here or vote for other people's suggestions! |
|
|
Wed Jun 20, 2012 2:29 pm |
Profile PM WWW Skype
|
|
ult_combo
Matrix Angel
Warnings:
Posts: 86
|
|
Quote |
jacxxx: @ult_combo: using opera I didn't get any unwanted referer information from stardrifter. But ... perhaps www.stardrifter.org/cgi-bin/ref.cgi only works when using firefox? Well, selecting a non-clickable URL in a page and opening it in a new tab wasn't a browser's standard feature until a couple years ago, and it's not very standard yet either so different browsers tend to implement it differently.
I linked the stardrifter site just because it's a free hosted simple page, but actually, you can just run 2 lines of PHP code: | | $ref = (isset($_SERVER["HTTP_REFERER"])) ? $_SERVER["HTTP_REFERER"] : '';
echo 'Referer: ' . $ref; | Even on your localhost (as long as you have an apache or similar PHP server running) and you'll have a test page for referer testing.
(Note that echo "Referer: $ref"; is perfectly valid as well but I prefer concatenating the string literal with the string var 'cause I find it more readable in the syntax highlighter )
_________________ My main MF acc was suspended, use other mirrors until I re-up it all to a new host.
There is no knowledge that is not power.
Our only limitations are those we set up in our own minds.
Perfection is achieved, not when there is nothing more to add, but when there is nothing left to take away.
Measuring software productivity by lines of code is like measuring progress on an airplane by how much it weighs.
Programming is an art form, whose real value can only be appreciated by another versed in the same arcane art. |
Last edited by ult_combo on Wed Jun 12, 2013 10:48 am; edited 1 time in total |
|
Wed Jun 20, 2012 8:24 pm |
Profile PM MSN Skype
|
|
fijneman
Golden Angel
Warnings:
Posts: 309
|
|
Quote |
Does any one know plugin for Firefox (or Greasemonkey script) to auto change hxxp to http? I'm so lazy to open links in a new tab and edit them
|
|
Wed Jun 20, 2012 9:00 pm |
Profile PM
|
|
ult_combo
Matrix Angel
Warnings:
Posts: 86
|
|
Quote |
fijneman: Does any one know plugin for Firefox (or Greasemonkey script) to auto change hxxp to http? I'm so lazy to open links in a new tab and edit them It doesn't take more than a couple lines of JS to replace all hxxp||hxxps links for http||https. However, as said by Sat not too long ago (can't find the reference atm) it'd defeat the purpose of having hxxp links to prevent hotlinking.
However, there might be other options.. Maybe I could try some JS which forces a window/tab to be opened "without" sending referer headers (most likely would require some workarounds), or replace their href attribute with anonym.to http'd links. Obviously all of this would require throughout testing and I have a lot of work to do atm. I'm open to suggestions however.
edit: Here's one reference.
edit: Couple sites for testing:
hxxp://www.stardrifter.org/cgi-bin/ref.cgi
hxxp://cstsi.ifsul.edu.br/autofluxo/ult_combo/ref.php
_________________ My main MF acc was suspended, use other mirrors until I re-up it all to a new host.
There is no knowledge that is not power.
Our only limitations are those we set up in our own minds.
Perfection is achieved, not when there is nothing more to add, but when there is nothing left to take away.
Measuring software productivity by lines of code is like measuring progress on an airplane by how much it weighs.
Programming is an art form, whose real value can only be appreciated by another versed in the same arcane art. |
|
|
Wed Jun 20, 2012 9:46 pm |
Profile PM MSN Skype
|
|
ult_combo
Matrix Angel
Warnings:
Posts: 86
|
|
Quote |
Alright, as requested by @fijneman, the UserScript to turn LAH's hxxp links clickable: | | http://userscripts.org/scripts/show/136654 |
Features:
- Allow left clicking hxxp links to open in new tab/window;
- Turn code block links clickable as well (experimental, read below);
- All generated links go through anonymz.com, effectively preventing hosts from getting any referer info.
Notes:
I had to add one workaround to don't break existing links inside code blocks *ahem*:
| | www.example.com | Bug for which I submitted a fix last month but I guess Sat forgot to implement it and I just realized our forum software was causing some bugs even in the copypasta of the fix code. Re-submitted the fix now.
This version is stable and fully tested on Firefox (Nightly) 16a and Chrome 19. I'll upload a new version of this plugin when the www. code block hotlinking fix gets implemented.
Report if you find any bugs.
edit: Uploaded a new version which utilizes anonymz.com instead of anonym.to, as MF currently blocks anonym.to in Chrome. Thanks Sat for the report & new redirect site.
_________________ My main MF acc was suspended, use other mirrors until I re-up it all to a new host.
There is no knowledge that is not power.
Our only limitations are those we set up in our own minds.
Perfection is achieved, not when there is nothing more to add, but when there is nothing left to take away.
Measuring software productivity by lines of code is like measuring progress on an airplane by how much it weighs.
Programming is an art form, whose real value can only be appreciated by another versed in the same arcane art. |
|
|
Thu Jun 21, 2012 3:53 am |
Profile PM MSN Skype
|
|
jacxxx
Beginner Angel
Warnings:
Posts: 14
|
|
Quote |
ult_combo: Alright, as requested by @fijneman, the UserScript to turn LAH's hxxp links clickable: | | http://userscripts.org/scripts/show/136654 |
I opened your userscript and source code, but... how do I implement it in my browser?
_________________ My avatar shows the first encounter of Yuki in the Land of Eternal Snow. Yuki would become my favorite character in the on-going Mystics Saga by arrancar85 |
|
|
Thu Jun 21, 2012 7:08 am |
Profile PM
|
|
|
|
|
You can post new threads in this forum You can reply to threads in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You cannot download files in this forum
|
Do not upload or mention any illegal content. Violators will be reported to the authorities. You are responsible for your uploads and actions.
If it is illegal for you to view adult lolikon material in your current location, leave this site immediately.
LAH is in compliance with DMCA.
|