Blocking Inline Images



The Citrix NetScaler can be placed in front of a webserver farm that is running Apache. The same re-write rules that run on Apache, can be implemented on the Citrix NetScaler.

Assume you have under http://www.quux-corp.de/~quux/ some pages with in lined GIF graphics. These graphics are nice, so others directly incorporate them via hyperlinks to their pages. you don’t like this practice because it adds useless traffic to your server.

Example : You can restrict the cases where the browser sends a HTTP Referer header.

Apache rewrite:

RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http:<span class="code-comment">//www.quux-corp.de/~quux/.*$
</span>RewriteRule .*\.gif$        -                 [F]



AppExpert rewrite:

Add patset pat1
Bind patset pat1 .gif
Bind patset pat1 .jpeg
add responder action act1 respondwith '<span class="code-quote">"HTTP/1.1 403 Forbidden\r\n\r\n"</span>'
add responder policy pol1 '!HTTP.REQ.HEADER(<span class="code-quote">"Referer"</span>).EQ(<span class="code-quote">"") &amp;&amp; !HTTP.REQ.HEADER("</span>Referer<span class="code-quote">").STARTSWITH("</span>http:<span class="code-comment">//www.quux-corp.de/~quux/<span class="code-quote">")&amp;&amp;HTTP.REQ.URL.ENDSWITH_ANY("</span>pat1")' act1
</span>bind responder global pol1 100



Tap into the power of AppExpert!