|
|
|
|
|
|
by KingMachiavelli
2641 days ago
|
|
|
CORS is really just a security for embeded pages and elements. It's not intended and cannot enforce usage restrictions/rights since it requires the client (browesr) to honor the setting. If I wget a page and strip the text from it, I'm not embeding the page in any manner so CORS is irrelevant. The current 'aggrement' for respecting copyright (wether it would hold up in court even with a TOS is beyond my knowledge) is robots.txt which, I'll admit is pretty dated and a very poor solution for dynamic pages and still requires client . The best solution for copyright/paywall enforcement is to roll your own. If the request doesn't have the required cookie to access the full article, don't respond with the full page. This works very well for dealing with sites such as outline.com . Sites like outline.com would be really interesting/usefull if they allowed you to upload your login cookies so that they could get paywalled articles and still strip the ads. |
|
|
The way outline.com works is by loading the article unsuspiciously once from their server, then serving it any number of times from their infrastructure. How would this stop that from happening?