Recently there has been a fair amount of public controversy about what has been called "deep linking", which basically is the practice of accidentally setting the HREF attribute of A elements in HTML.
Apparently some idiots believe that this is a crime. Either they don't know how HTTP works, or they have serious brain damage which prevents cognition above the level of a radish.
Just in case you are one of the aforementioned idiots, here is a quick guide to the HTTP Referer: header which allows you to prevent deep linking. This works because THEY ARE ASKING YOUR GODDAMNED WEBSERVER FOR THE PAGE, AND YOU DON'T HAVE TO GIVE IT TO THEM IF YOU DON'T WANT.
Here is a (deep) link that will only work if you hit it from a link within the twistedmatrix.com domain. Just try it from somewhere else. It will fail, just like that! Pretty amazing, huh? Here's the source code.
So, for those of you with brief attention spans, let's review.
|Deep Linking Desired?||Possible Response to Deep Linking||Was this the correct response?|
|Yes||Allow deep linking; use your webserver's default configuration and participate in the web as it was designed.||Correct!|
|No||Don't allow deep linking; hire one junior programmer fresh from high-school to configure your web-server with the simple one-line check listed above, or a similar one, to see if the link came from within your web site.||Also correct! (For extra credit, try making the web-page redirect the user's browser to your front-page!)|
|No||Hire a team of expensive attack lawyers and full-time professional surfers and log analysts to locate and prosecute anyone who tries to link to your web-site without your permission, and when that fails, order a contract killing of the given webmaster.||NO NO NO NO NO!!! WRONG, TOTALLY WRONG, YOU MORONS! STOP DOING IT! WHO TOLD YOU THAT THIS WAS EVEN SANE?!?!|