Quote:
Originally Posted by Dephormation
I've added another server side 'dephormation' method.
-- snip --
Update; rats, of course it occurs to me you're still at the mercy of Phorm... they still copy your content regardless. It just makes it harder to profile the user. SSL that's what you really need. No two ways about it. |
This is what I came up with, and yes I'm well aware something this hard line isn't appropriate for many sites. There's also the problem where adware scanners may remove only the webwise cookie, something else for Phormed ISPs to deal with!
PHP Code:
<?php
/* Based on an idea by gjamie
** http://www.badphorm.co.uk/e107_plugins/forum/forum_viewtopic.php?3090.30
*/
define('PHORM_COOKIE', 'webwise');
define('HTTP_403', 'HTTP/1.1 403 Forbidden');
function inphorm(){
echo '<html><head><title>',HTTP_403,' | Illegal Interception</title></head>'
,'<body><h1>Forbidden due to Illegal Interception</h1>'
,'<p>Please contact your ISP for assistance.</p></body></html>';
}
function set_detection_cookies(){
$exp = time() + 3600;
setcookie('dummy', '1', $exp, '/');
setcookie(PHORM_COOKIE, '1', $exp, '/');
}
if (isset($_COOKIE['dummy']) && !isset($_COOKIE[PHORM_COOKIE])){
header(HTTP_403);
if ($_SERVER['REQUEST_METHOD'] != 'HEAD')
inphorm();
exit();
} else
set_detection_cookies();