Inline linking
Encyclopedia
Inline linking is the use of a linked object, often an image, from one site by a web page
belonging to a second site. The second site is said to have an inline link to the site where the object is located.
(HTTP), does not make any distinction of types of links—all links are functionally equal. Resources may be located on any server at any location.
When a web site is visited, the browser first downloads the textual content in the form of an HTML document. The downloaded HTML document may call for other HTML files, images, scripts and/or stylesheet files to be processed. These files may contain
which allow images to display on the page. The HTML code generally does not specify a server, meaning that the web browser should use the same server as the parent code (
When a browser downloads an HTML page containing such an image, the browser will contact the remote server to request the image content.
medium. Common uses include:
to track users or to relay information to a third party. Many ad filtering
browser tools will restrict this behavior to varying degrees.
For Apache
's httpd
, the mod rewrite module is often used to reject or redirect attempted hotlinks to images and media.
For Microsoft's Internet Information Services
web server software, third party tools may be installed to combat inline linking and hotlinking.
Nearly all of these measures will transmit an alternate content. Most types of electronic media can be redirected this way, including video files, music files, and animations (such as Flash
).
Other solutions usually combine the standard mod rewrite module with some custom complex server side scripting (i.e. to allow hotlinking for a limited amount of time).
, the United States Court of Appeals for the Ninth Circuit
explained why inline linking did not violate US copyright law:
Web page
A web page or webpage is a document or information resource that is suitable for the World Wide Web and can be accessed through a web browser and displayed on a monitor or mobile device. This information is usually in HTML or XHTML format, and may provide navigation to other web pages via hypertext...
belonging to a second site. The second site is said to have an inline link to the site where the object is located.
Inline linking and HTTP
The technology behind the World Wide Web, the Hypertext Transfer ProtocolHypertext Transfer Protocol
The Hypertext Transfer Protocol is a networking protocol for distributed, collaborative, hypermedia information systems. HTTP is the foundation of data communication for the World Wide Web....
(HTTP), does not make any distinction of types of links—all links are functionally equal. Resources may be located on any server at any location.
When a web site is visited, the browser first downloads the textual content in the form of an HTML document. The downloaded HTML document may call for other HTML files, images, scripts and/or stylesheet files to be processed. These files may contain
<img> tags which supply the URLsUniform Resource Locator
In computing, a uniform resource locator or universal resource locator is a specific character string that constitutes a reference to an Internet resource....
which allow images to display on the page. The HTML code generally does not specify a server, meaning that the web browser should use the same server as the parent code (
<img src="picture.jpg" />). It also permits absolute URLs that refer to images hosted on other servers (<img src="http://www.example.com/picture.jpg " />).When a browser downloads an HTML page containing such an image, the browser will contact the remote server to request the image content.
Common uses of linked content
The ability to display content from one site within another is part of the original design of the Web's hypertextHypertext
Hypertext is text displayed on a computer or other electronic device with references to other text that the reader can immediately access, usually by a mouse click or keypress sequence. Apart from running text, hypertext may contain tables, images and other presentational devices. Hypertext is the...
medium. Common uses include:
- Web architects may deliberately segregate the images of a site on one server or a group of servers. Hosting images on separate servers allows the site to divide the bandwidth requirements between servers. As an example, the high-volume site SlashdotSlashdotSlashdot is a technology-related news website owned by Geeknet, Inc. The site, which bills itself as "News for Nerds. Stuff that Matters", features user-submitted and ‑evaluated current affairs news stories about science- and technology-related topics. Each story has a comments section...
stores its "front page" atslashdot.org; individual stories on servers such asgames.slashdot.orgorit.slashdot.org; and serves images for each host fromimages.slashdot.org.
- An article on one site may refer to copyrighted images or content on another site, avoiding rights and ownership issues that copying the original files might raise, although this practice is generally not accepted.
- Many web pages include banner adWeb bannerA web banner or banner ad is a form of advertising on the World Wide Web delivered by an ad server. This form of online advertising entails embedding an advertisement into a web page. It is intended to attract traffic to a website by linking to the website of the advertiser...
s. Banner ads are images hosted by a company that acts as middleman between the advertisers and the web sites on which the ads appear. The<img>tag may specify a URL to a CGICommon Gateway InterfaceThe Common Gateway Interface is a standard method for web servers software to delegate the generation of web pages to executable files...
script on the ad server, including a string uniquely identifying the site producing the traffic, and possibly other information about the person viewing the ad, previously collected and associated with a cookieHTTP cookieA cookie, also known as an HTTP cookie, web cookie, or browser cookie, is used for an origin website to send state information to a user's browser and for the browser to return the state information to the origin site...
. The CGI script determines which image to send in response to the request.
- Some websites hotlink from a faster server to increase client loading speed.
- Hit counters or Web counterWeb counterA web counter or hit counter is a computer software program that indicates the number of visitors, or hits, a particular webpage has received...
s show how many times a page has been loaded. Several companies provide hit counters that are maintained off site and displayed with an inline link.
Controversial uses of inline linking
The blurring of boundaries between sites can lead to other problems when the site violates users' expectations. Other times, inline linking can be done for malicious purposes.- Content sites where the object is stored and from which it is retrieved may not like the new placement.
- Inline linking to an image stored on another site increases the bandwidth use of that site even though the site is not being viewed as intended. The complaint may be the loss of ad revenue or changing the perceived meaning through an unapproved context.
- Cross-site scriptingCross-site scriptingCross-site scripting is a type of computer security vulnerability typically found in Web applications that enables attackers to inject client-side script into Web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same...
and phishingPhishingPhishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT...
attacks may include inline links to a legitimate site to gain the confidence of a victim. - Pay-per-content services may attempt to restrict access to their content through complex scripting and inline linking techniques.
- Inline objects can be used to perform drive-by attacksDrive-by downloadDrive-by download means three things, each concerning the unintended download of computer software from the Internet:# Downloads which a person authorized but without understanding the consequences Drive-by download means three things, each concerning the unintended download of computer software...
on the clientClient (computing)A client is an application or system that accesses a service made available by a server. The server is often on another computer system, in which case the client accesses the service by way of a network....
, exploiting faultsSecurity bugA security bug is a software bug that benefits someone other than intended beneficiaries in the intended ways.Security bugs introduce security vulnerabilities by compromising one or more of:* Authentication of users and other entities...
in the code that interprets the objects. When an object is stored on an external server, the referring site, for example Wikipedia, has no control over if and when an originally beneficial object's content is replaced by malicious content. - The requests for inline objects usually contain the referrer information. This leaks information about the browsed pages to the servers hosting the objects (see web visitor trackingWeb visitor trackingWeb visitor tracking is the analysis of visitor behaviour on a website. Analysis of an individual visitor's behaviour may be used to provide that visitor with options or content that relates to their implied preferences; either during a visit or in the future...
).
Client side
Most web browsers will blindly follow the URL for inline links, even though it is a frequent security complaint. Embedded images may be used as a web bugWeb bug
A web bug is an object that is embedded in a web page or e-mail and is usually invisible to the user but allows checking that a user has viewed the page or e-mail. One common use is in e-mail tracking. Alternative names are web beacon, tracking bug, and tag or page tag...
to track users or to relay information to a third party. Many ad filtering
Ad filtering
Ad filtering or ad blocking is removing or altering advertising content in a webpage. Advertising can exist in a variety of forms including pictures, animations, text, or pop-up windows. More advanced filters allow fine-grained control of advertisements through features such as blacklists,...
browser tools will restrict this behavior to varying degrees.
Server side
Some servers are programmed to use the HTTP referrer to detect hot-linking and return a condemnatory message, commonly in the same format, in place of the expected image or media clip. Most servers can be configured to partially protect hosted media from inline linking, usually by not serving the media or by serving a different file.For Apache
Apache HTTP Server
The Apache HTTP Server, commonly referred to as Apache , is web server software notable for playing a key role in the initial growth of the World Wide Web. In 2009 it became the first web server software to surpass the 100 million website milestone...
's httpd
Httpd
httpd stands for Hypertext Transfer Protocol Daemon .The implied meaning can be:* Apache HTTP Server* Canopy HTTPd HTTP server* CERN HTTPd HTTP server* Lighttpd HTTP server* NCSA HTTPd HTTP server...
, the mod rewrite module is often used to reject or redirect attempted hotlinks to images and media.
For Microsoft's Internet Information Services
Internet Information Services
Internet Information Services – formerly called Internet Information Server – is a web server application and set of feature extension modules created by Microsoft for use with Microsoft Windows. It is the most used web server after Apache HTTP Server. IIS 7.5 supports HTTP, HTTPS,...
web server software, third party tools may be installed to combat inline linking and hotlinking.
Nearly all of these measures will transmit an alternate content. Most types of electronic media can be redirected this way, including video files, music files, and animations (such as Flash
Adobe Flash
Adobe Flash is a multimedia platform used to add animation, video, and interactivity to web pages. Flash is frequently used for advertisements, games and flash animations for broadcast...
).
Other solutions usually combine the standard mod rewrite module with some custom complex server side scripting (i.e. to allow hotlinking for a limited amount of time).
Copyright law issues that inline linking raises
The most significant legal fact about inline linking, relative to copyright law considerations, is that the inline linker does not place a copy of the image file on its own Internet server. Rather, the inline linker places a pointer on its Internet server that points to the server on which the proprietor of the image has placed the image file. This pointer causes a user's browser to jump to the proprietor's server and fetch the image file to the user's computer. US courts have considered this a decisive fact in copyright analysis. Thus, in Perfect 10, Inc. v. Amazon.com, Inc.Perfect 10, Inc. v. Amazon.com, Inc.
Perfect 10, Inc. v. Amazon.com, Inc., 508 F.3d 1146 was a case in the United States Court of Appeals for the Ninth Circuit involving Perfect 10, Inc., Amazon.com, Inc. and Google, Inc...
, the United States Court of Appeals for the Ninth Circuit
United States Court of Appeals for the Ninth Circuit
The United States Court of Appeals for the Ninth Circuit is a U.S. federal court with appellate jurisdiction over the district courts in the following districts:* District of Alaska* District of Arizona...
explained why inline linking did not violate US copyright law:
Google does not...display a copy of full-size infringing photographic images for purposes of the Copyright Act when Google frames in-line linked images that appear on a user’s computer screen. Because Google’s computers do not store the photographic images, Google does not have a copy of the images for purposes of the Copyright Act. In other words, Google does not have any “material objects...in which a work is fixed...and from which the work can be perceived, reproduced, or otherwise communicated” and thus cannot communicate a copy. Instead of communicating a copy of the image, Google provides HTML instructions that direct a user’s browser to a website publisher’s computer that stores the full-size photographic image. Providing these HTML instructions is not equivalent to showing a copy. First, the HTML instructions are lines of text, not a photographic image. Second, HTML instructions do not themselves cause infringing images to appear on the user’s computer screen. The HTML merely gives the address of the image to the user’s browser. The browser then interacts with the computer that stores the infringing image. It is this interaction that causes an infringing image to appear on the user’s computer screen. Google may facilitate the user’s access to infringing images. However, such assistance raised only contributory liability issues and does not constitute direct infringement of the copyright owner’s display rights. ...While in-line linking and framing may cause some computer users to believe they are viewing a single Google webpage, the Copyright Act...does not protect a copyright holder against [such] acts....