Hotlink Prevention in Ruby?

Hi,

I am desperately seeking a solution, or at least a hint, for preventing non-authorized users of my social network app from accessing images uploaded by registered users without authentication.

I already found the HTTP-REFERRER approach - but as commonly known, this won't work in situations where the referrer information is blank....

So it's not only a bandwidth-stealing thing, but also a privacy issue, since the users upload images and expect that no one except their own network of friends can see them.

I can imagine using mod_rewrite to call a Ruby controller for each website resource and then checking if the request has at least a session from my app. But won't that kill the performance of the server, when each access is being processed by a Ruby script instead of being served as a file?

Any help is appreciated !

Cheers

martin

I think the safest way is to store images outside your public directory. Then create a (controller and) action to retrieve images using send_data. For example:

    # Look up the record, then send the file's bytes (not the File object itself)
    @person = Person.find(params[:id])
    File.open(@person.picture, "rb") do |image|
      send_data image.read, :filename => File.basename(@person.picture), :type => "image/jpeg"
    end

You could add a before filter to check if the user is authorized. Also, when uploading a file you should store its content type somewhere in the database.

Martin -

I wouldn't wait until Rails had your request - static (image, etc.) file serving won't scale.

You can likely find a better (i.e. more performant) option in your proxy - Apache, nginx. We serve all static files using nginx - you can likely wire up some checking there.

Jodi

Thank you both for your feedback!

In the meantime I developed the idea to use a token to establish trust between a mod_anything running in the Apache context and the Rails app.

The idea is to create a session token by a simple web service (trust service) during the first page request and to augment all links to images within my app with this token. An Apache mod could then check each request for that token and verify it against the trust service. If the token is not valid or not given, the request will be answered with 403.

But I will now check the send_data and nginx approaches first, because even if my approach will help me to prevent anonymous users from reading images outside the app, it will not prevent authenticated users from seeing images from users they are not connected to (like any other social network, images and stories must not be seen outside the user's network of friends).

martin
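
Added example (not part of the thread and not any poster's code): a self-verifying variant of the token idea in the last message, where the app signs each image URL with an HMAC only after its own friendship check, so the front-end check needs no call back to a trust service. The function names, the query parameters (u, e, t), the secret, and the assumption that the checker knows the session's user id are all hypothetical.

```ruby
require "openssl"

# Constructed demo secret; assumed to be a long random value known only to
# the app and to whatever checks tokens in front of the image files.
SECRET = "demo-secret-change-me"

# Sign path + viewer + expiry so a token cannot be reused for another image,
# by another user, or after it has expired.
def sign(path, viewer_id, expires)
  OpenSSL::HMAC.hexdigest("SHA256", SECRET, "#{path}\n#{viewer_id}\n#{expires}")
end

# Called by the app only AFTER it has decided viewer_id may see the image
# (for example, is in the owner's network of friends).
def image_url(path, viewer_id, ttl = 300, now = Time.now.to_i)
  expires = now + ttl
  "#{path}?u=#{viewer_id}&e=#{expires}&t=#{sign(path, viewer_id, expires)}"
end

# Constant-time comparison, so the check does not leak how much of a guess matched.
def secure_equal?(a, b)
  return false unless a.bytesize == b.bytesize
  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# The front-end check; returns the HTTP status to answer with.
# session_user_id is an assumption: the checker must learn it from the session.
def check(url, session_user_id, now = Time.now.to_i)
  path, query = url.split("?", 2)
  q = query.to_s.split("&").map { |kv| k, v = kv.split("=", 2); [k, v] }.to_h
  return 403 unless q["u"] && q["e"] && q["t"]        # token missing
  return 403 unless q["u"] == session_user_id.to_s    # minted for another user
  return 403 if q["e"].to_i < now                     # expired
  secure_equal?(q["t"], sign(path, q["u"], q["e"])) ? 200 : 403
end
```

Because the token covers the image path and the viewer, it is only ever issued for images that viewer is allowed to see, which is the case the session-wide token above does not cover.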