Click here to Skip to main content
15,124,861 members
Please Sign up or sign in to vote.
1.00/5 (1 vote)
See more:
Is there any way to make this solution work on IE9???
How do you think IE9 prevents it? How about other browsers :-)
And why would you need it? If these are your images, you can place them where you want, and avoid cross-domain use of them...
n.podbielski 1-Nov-12 9:35am
It's obviuos. It does not work. That is all. Gimmyacode,pleaseitsurgent.thanxinadvance :)
I'm just thinking how much of abuse it can be. Potentially...
n.podbielski 1-Nov-12 9:43am
I guess you can encode script as BASE-64 and feed it like an image. But I also don't know what context urlToData function will do, maybe it would sanitaze content somehow. It's not important anyway. If it is content, an image I would just copy bloody thing to same domain and bother to do something like this.
I don't think it's even relevant. A Web site can easily block using its source image from outside its domain; it can also be done automatically when hosting it. I think I have such option with my new Web hosting (let me check up; that's interesting). Just check up HTTP request IP and don't serve the image if the request from the wrong domain...

Web browsers has something to do with cross-domains too, but what I know is just about safety, so one site could not eavesdrop data from other site if the pages of both are loaded in the same process. This is a huge design flaw; I think I read about such vulnerabilities...

It's not very likely that the OP's case is related to a browser. Besides, frankly, I would question if what OP try to achieve would be legitimate...

This is called "hotlink protection" and can be the case.
Please see my answer where I give the idea.

1 solution

Please see my comments to the question. How do you know that your problem is related to a Web browser at all? Did you try with other browsers?

You should always keep in mind that a Web site can easily protect images from being used by another side serving on a different domain. This is because an HTTP server receives an HTTP request which contains a sender IP, so the server can always apply certain limitations. This can even be done at the level of hosting, which translates this option into the server configuration, typically for a virtual side. I have such option with my current Web hosting provider. This is called hotlink protection. To get an idea, please see:[^],[^],[^],[^].


This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900