Script Theft

This morning i checked my stats, and i came across interesting web site which is linking to my web design section. Since nothing was there, just some internal links, i right clicked and saw that it’s in fact calling JavaScript file from my server. What courage this guy has!

Why it’s not working on his website?

Fortunately, when building this website, i set all CSS and JavaScript going through serverside (PHP) script which will not pass these files outside my website — some referrer conditioning (or any other you find more appropriate) and simple switch/case deploying. If willing trying save following as externals.php

<?php
$q=$_GET["q"];
if (strpos($_SERVER['HTTP_REFERER'], "http://www.yourdomain.com/") === false) { 
	echo "/* Thanks for being interested in my work. Please contact me if you want to know more about how it's done. */";
} else {
	switch ($q) {
		case "css":
			header ("Content-type: text/css");
			readfile("style.css");
			break;
		case "js":
			header ("Content-type: text/javascript");
			readfile("script.js");
                // and even more cases if desired : )
	} 
}
?>

and modify your HTML code somewhere in <head> section:

<link rel="stylesheet" type="text/css" href="http://www.yourdomain.com/externals.php?q=css" />
<script type="text/javascript" src="http://www.yourdomain.com/externals.php?q=js"></script>

Above is of course simplified version of the original script and it’s left to you to customize it however you want (hint: this page could send you an e-mail whenever conditions are not matched).

I’d be glad to hear how you solved yours.

Marko Dugonjić is a designer specialized in user experience design, web typography and web standards. He runs a nanoscale user interface studio Creative Nights and organizes FFWD.PRO, a micro-conference and workshops for web professionals.

Interested in more content like this?