Recently, there’s been a discussion on The WELL about how some people are having trouble viewing pages on Fotolog.net. It turns out that Fotolog is restricting access to images based on the HTTP Referer (yes, that’s how it’s spelled in HTTP) header in an unfortunate way. Surely their goal is to prevent bandwidth thieves (intentional or otherwise) from embedding Fotolog images directly into their own pages. That’s a serious problem, but Fotolog’s solution is not good.
Rules to limit image access based on Referer are pretty common. It’s one of the first things most people think of when they discover they have a problem with people using their images on other sites. And it tends to work fairly well. But a lot of people who implement Referer restrictions don’t really understand all the implications, limitations and tricky configuration issues. There are a few key things to always remember when setting up Referer-based access control.
The fire burns on. It’s just a couple of blocks south of our office. The picture above was taken from the parking garage next door. The smoke continued to get thicker for a good 30 or 40 minutes after my first photo was taken. It collected in the parking garage and any other enclosed area it could work its way into.
The power in our building went out for about an hour when City Light turned off a couple of transformers in the area. I was just about ready to give up and head home when it came back on. Just my luck.
There’s a fire (apparently a big one) just down the street from here, at 426 S Massachusetts Street. For a while, one of the DOT cameras was offering a pretty good view. We can’t actually see the fire from our floor, but the smoke is sure creating a thick haze and a strong smell. At first I thought something in the building must be burning, but it was just that the air conditioning system was sucking the smoke into the building and pumping it right into my closed office. Nice.