SiteCam has powerful anti-hijacking capabilities. Hijacking occurs when a Webmaster puts your data into their web pages without the owners permission. With webcam images, hijacking is a common occurrence. We can combat webcam hijacking by using a feature of HTML where requests for information contain a "referrer" string. The referrer points to the page that is requesting the image.
When anti-hijacking is enabled, we compare the referrer string sent by the browser to a list of authorized strings. If there is no match, we assume that the image request is coming from an unauthorized source--and we return 1 of 3 responses, depending on your preference.
When a request for a webcam image (any image request that ends in .mwc), we check for an authorized referrer. If it isn't found, we return the "first" of these possibilities:
In other words, if there is no document "public", we return the image SiteCam_Hijack.gif. If that image file doesn't exist, we return a single image, rather than streaming video.
On the Rearden Technology site, we return the "public" document, which we have added a logo and extra text to. This lets us not worry about people taking our images and putting them directly into their own web pages--we can put our own advertisement on the image with the hope that they click on the link.
When you access this page from your WebSTAR compatible server, you can click on the pi_admin.mwc link and enable/disable hijacking support and set the match strings.
The referrer will point to the page that is requesting your document. All match checking is done from the start of the referer string, so you must always include the URL protocol (either http:// or file://)
For instance, if you have your webcam page at:
http://www.yourserver.com/webcam/live.html
You can put http://www.yourserver.com/webcam/live.html as the match string.
You could also enable all requests from your site by specifying:
http://www.yourserver.com/ and http:/dottedIP/
Where dottedIP is the numeric ip address that maps to your server's IP address. (This can be found in the TCP/IP control panel for your server.)
To allow local file access, allow access to all referrers that start with file://
You can look at the referer strings turning it on in your server's "what to log" settings. Also, with MWC normal messages ON, you will see hijack attempts in the server log.