Aspects of Web content which allow over-sharing of Web Publications

Editors:

• Laurent Le Meur (EDRLab)

Version: V1.0

Release date: 2020-12-15

Uncontrolled access to the publication

1.1/ The Web Publication manifest and all resources of a publication are accessible without proper authorization.

1.2/ Concurrent access to the resources of a publication is possible from multi-threaded scripts, allowing a great optimization of content grabbing.

1.3/ Replay of fetch commands is easy, even after some time has passed.

Discovery of the URLs of publication resources

2.1/ Hyperlinks in HTML content reveal target URLs when interacted with (using mouse over, finger touch or keyboard focus).

2.2/ Resource URLs are predictable.

Copy of textual content

3.1/ Text in HTML content can be selected (using the mouse of keyboard shortcuts)

3.2/ Once selected, text in HTML content can be copied to the clipboard (using the context menu or keyboard shortcut).

Copy of HTML markup

4.1/ The Web inspector / debugger can be opened via the context menu, offering access to the HTML markup, associated CSS stylesheets and Javascript code.

4.2/ The browser “view source” feature displays the HTML markup.

Copy of image content

5.1/ Images can be dragged (using the mouse), then dropped into another document.

5.2/ Images can be easily copied or downloaded (using the context menu).

5.3/ Images can be fetched from their URL, if known.

Direct fetching of resources from the server

6.1/ Resources are obtained from any client without an appropriate HTTP referer header (URL obtained via the Web browser address bar or tools like curl / wget).

6.2/ Resources are grabbed by an HTTP proxy, during their transmission from the server to the client.

Fetch of resource from the cache of the Web browser

7.1/ Non-obfuscated resources are copied from the cache of the Web browser.

Misc.

8.1/ The print feature of the browser allows for an easy export of individual documents from the publication.

8.2/ Screen capture tools (including video capture like Snagit or Camtasia), associated with proper OCR for textual content, allows user to recreate the content of a publication semi-automatically.

Links

Next

Read the server and client techniques recommended for the protection of Web content (the “solutions”).

Previous

Read the introduction to the project.

This site is open source. Improve this page.