WXforum.net

Weather Software => Virtual Weather Station => VWS WeatherFlash => Topic started by: robbieB on July 25, 2011, 05:35:15 AM

Title: Unauthorised embedding
Post by: robbieB on July 25, 2011, 05:35:15 AM
I recently came across a phpBB site which had my Weather Flash screen embedded on a local weather page :shock:.

".....<param name="movie" value="http://....my_domain.../...directory.../WxFlash/Loader.swf">
<param name="quality" value="high">
<embed src="http://"....my_domain..../...directory.../WxFlash/Loader.swf" width=700 height=500 align="center" quality="high" pluginspage="http://www.macromedia.com/go/getflashplayer" type="application/x-shockwave-flash"></embed>....."

Is there any way of blocking this?



Title: Re: Unauthorised embedding
Post by: wxtech on July 25, 2011, 07:32:30 AM
Imitation (copying) is sincerest form of flattery.  Just ask them to request your permission before using your property, and post a link back to your site.  
I wish my wx data to have the widest dissemination.  My station temperature has been mentioned on Atlanta TV, and I'm 70 miles away.
Title: Re: Unauthorised embedding
Post by: WeatherHost on July 25, 2011, 08:12:55 AM
Maybe with an .htaccess file.  If your webhost uses cPanel, some versions have hotlink blocking options.

But isn't the point of weather site to get the information out there?  I'd at least make sure they credit the information source site though.
Title: Re: Unauthorised embedding
Post by: robbieB on July 25, 2011, 08:34:29 AM
Thanks both of you. Disseminate the data widely, yes (ours is published on the Weather Underground etc.) and we welcome people linking to the site. But the live weather info on Weather Flash serves to actually bring people to our site. If our WF screen is available elsewhere, we lose out.

I was wondering if there is some way of blocking it rather than wielding a big copyright stick. There's an open source java script which will block content from being loaded into any iframe on an alien site, but I don't think that will do the trick in this case. I'll look into the ht.access solution.

Thanks again.

robbie
Title: Re: Unauthorised embedding
Post by: DaculaWeather on August 12, 2011, 01:51:36 PM
Something else you can do is put all of the Flash code in a php file, then include the php on your page, that way they won't be able to view the code. Just move some of the code to a different location on your site and change your page to point to it there.

I WOULD send them an email though and ask them very nicely to remove your code from their site. If they don't, then I would take some more drastic measures.

Where's the site, I'd like to see what they've done?
Title: Re: Unauthorised embedding
Post by: robbieB on August 14, 2011, 02:23:58 PM
Where's the site, I'd like to see what they've done?

http://www.mylowestoft.com/viewtopic.php?f=10&t=244

As you can see, it simply embeds the WF screen from my club site into the page.

Robbie
Title: Re: Unauthorised embedding
Post by: DaculaWeather on August 14, 2011, 02:57:20 PM
This code in your <head> tag will fix that:
<script type="text/javascript">
if (top.location != self.location)
top.location = self.location;
</script>
Title: Re: Unauthorised embedding
Post by: robbieB on August 14, 2011, 03:04:46 PM
The code in your <head> tag will fix that:
<script type="text/javascript">
if (top.location != self.location)
top.location = self.location;
</script>

Thanks for that. I'll give it a go.

Robbie
Title: Re: Unauthorised embedding
Post by: TNETWeather on August 14, 2011, 03:13:17 PM
I don't think that is going to work.  The code being used by the MyLowestoff site is not including his web page (which has a head section), he is embeding the flash object only just like the OP does.

http://www.rnsyc.net/weathercam/WxFlash/Loader.swf

So if he adds the code you are talking about, it won't even be seen because they are not using the HTML page, just the flash object.

You would have to block referrers to the content instead that blocks access to the swf file.


Title: Re: Unauthorised embedding
Post by: DaculaWeather on August 14, 2011, 08:03:52 PM
Ahh, I thought they were loading it in a frame. My bad.
I would put all the Flash code in a PHP file and include that file on your page. When you do that, put the Flash code in a different location so they won't know where to find it.
Title: Re: Unauthorised embedding
Post by: TNETWeather on August 14, 2011, 08:20:42 PM
You can't hide it.  In order to render it, it has to be able to load the swf file. All you have to do is look at the source of the page and the same embed will be there in plain sight regardless of how you included it PHP or not.

The only way to block this is to use referrer blocks using mod_rewrite like you would for images.  You just add swf to the list of items checked for.  Unless you have a replacement SWF, they will most likely just get a blank object, but visitors to the page won't be able to view the embeded object.
Title: Re: Unauthorised embedding
Post by: robbieB on August 15, 2011, 02:08:28 AM
I don't think that is going to work.  The code being used by the MyLowestoff site is not including his web page (which has a head section), he is embeding the flash object only just like the OP does.

Yes, that's right; my fault, I should have been clearer. It's the loader that is embedded.

Robbie.
Title: Re: Unauthorised embedding
Post by: Cynjut on August 15, 2011, 02:24:34 AM
To be contrary, he is giving you credit and a link for the view.  From a Google Search perspective, you are getting two references for every view of that page.  Unless you're getting paid by the view and these SWF views don't count or you have some personal reason, I'd leave it alone.  You can spend a lot of time and energy trying to do something that may, ultimately, hurt your popularity in Google.  As long as you have good meta-tags and good referrers, the spiders will find you more often this way and boost your search order placement.
Title: Re: Unauthorised embedding
Post by: DaculaWeather on August 15, 2011, 06:11:36 AM
Or fix your page up even more so that there is no question where the data is coming from.
Title: Re: Unauthorised embedding
Post by: TNETWeather on August 15, 2011, 03:15:38 PM
To be contrary, he is giving you credit and a link for the view.  From a Google Search perspective, you are getting two references for every view of that page.  Unless you're getting paid by the view and these SWF views don't count or you have some personal reason, I'd leave it alone.  You can spend a lot of time and energy trying to do something that may, ultimately, hurt your popularity in Google.  As long as you have good meta-tags and good referrers, the spiders will find you more often this way and boost your search order placement.

Giving credit and stealing are two different things.

1) He didn't get authorization to steal the use of the result.  he is not using his bandwidth to do it, he is using the OP's bandwidth..

A lot of sites don't want you embedding their content.  Think MP3's, Images etc...

Not only did the OP pay for the weather station and its upkeep, but he also paid for the software, pays for his hosting and his time.  The offender is not assisting with any of that, just stealing data so his website has cool stuff on it.

He has apparently also been asked to stop.

2) Hotlink protection which is normally thought of for images can be done for just about any content and if done correctly is trivial to setup.

The OP has mentioned that he has made several .htaccess changes, but I suspect he is trying to block the offenders site, not prevent hotlinking.

Or fix your page up even more so that there is no question where the data is coming from.

And how does he do that?  The Offender is not showing the OP's website, only his objects.  Where are you going to put more info in the object (the SWF) that provides more details of where it is coming from?

It already has across the top of it "Real-Time data from the RNSYC weather station".
Title: Re: Unauthorised embedding
Post by: DaculaWeather on August 15, 2011, 04:24:05 PM
Next step?
Title: Re: Unauthorised embedding
Post by: TNETWeather on August 15, 2011, 05:18:57 PM
Hotlink protection for SWF files

Placed in your .htaccess file...

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://www.rnsyc.net/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://rnsyc.net/.*$ [NC]
RewriteRule .*\.swf$ http://www.rnsyc.net/UnauthImage.gif [R]


This allows no referrer (meaning it is a direct hit) or referrers from your own site using www.rnsyc.net or rnsyc.net.  Any other referrer would be given the UnauthImage.gif instead of the SWF file.  You should have that image by name, or change it to an image that suits that purpose.

Since the offender is embedding the object in their page, the hit will be with a referrer link pointing to his page.  I would protect any SWF file on your webtree from the level of the .htaccess and down.

You could have the unauth return be another SWF file with some cute animated hotlink error message, but it would have to be located outside of the protected area OR you can exclude it in the rules above by adding:

RewriteCond %{REQUEST_URI} !^/UnauthImage\.swf$ [NC]

You can also block additional items by adding them like:

RewriteRule .*\.(gif|png|jpg|swf)$ http://www.rnsyc.net/UnauthImage.gif [R]

Same rules would apply to the unauth image.

You can test this by using a hotlink test page at: http://altlab.com/htaccess_tutorial.html (http://altlab.com/htaccess_tutorial.html)

Planned on working with the OP if he wanted to work on this. Up to him.  Sent him a PM with my email and google chat addresses.
Title: Re: Unauthorised embedding
Post by: robbieB on August 16, 2011, 06:24:40 AM
Apologies for disappearing from the conversation: in a word, "Work".

I have hot link protection via CPanel, so last night I enabled it and listed the swf extension along with others. I then found WFlash wouldn't load on my own site(s) despite listing them as allowed URLs. So I went back to square one, disabling hot link protection. Now WFlash starts to load and to access the weather data, but no sooner has the live weather screen appeared than it is replaced by a blank, black screen. Since I have not made any changes to my WFlash files this must be a CPanel/host server issue, which I am now trying to sort out.

My thanks to all of you, and especially TNETWeather. I will follow up on the latest post and take advantage of the offer to help if I run into further problems. I like to get my own head round things as much as I can, but am all too familiar with failure  :lol:

Robbie

[EDIT: would you believe it (well yes, you would), the black screen is browser related, i.e. whatever hangover there is on the server is affecting Internet Explorer and Chrome, but not Firefox, Opera or Safari.]
Title: Re: Unauthorised embedding
Post by: kray1000 on August 16, 2011, 08:40:02 AM
Apologies for disappearing from the conversation: in a word, "Work".

I have hot link protection via CPanel, so last night I enabled it and listed the swf extension along with others. I then found WFlash wouldn't load on my own site(s) despite listing them as allowed URLs. So I went back to square one, disabling hot link protection. Now WFlash starts to load and to access the weather data, but no sooner has the live weather screen appeared than it is replaced by a blank, black screen. Since I have not made any changes to my WFlash files this must be a CPanel/host server issue, which I am now trying to sort out.

My thanks to all of you, and especially TNETWeather. I will follow up on the latest post and take advantage of the offer to help if I run into further problems. I like to get my own head round things as much as I can, but am all too familiar with failure  :lol:

Robbie

[EDIT: would you believe it (well yes, you would), the black screen is browser related, i.e. whatever hangover there is on the server is affecting Internet Explorer and Chrome, but not Firefox, Opera or Safari.]

There are recent threads on here about a recent update with Flash causing problems with WeatherFlash (and other applications) not displaying.  Might be related.

http://www.wxforum.net/index.php?topic=12673.0

http://www.wxforum.net/index.php?topic=12694.0
Title: Re: Unauthorised embedding
Post by: robbieB on August 16, 2011, 10:11:07 AM
There are recent threads on here about a recent update with Flash causing problems with WeatherFlash (and other applications) not displaying.  Might be related.

http://www.wxforum.net/index.php?topic=12673.0

http://www.wxforum.net/index.php?topic=12694.0


Yes, might well be. Thanks for the tip off. Just a coincidence that I was playing about with hot link protection at the time.

Robbie