Slashdot Mirror

← Back to Stories (view on slashdot.org)

AOL Blocks Links from LiveJournal

Posted by ryuzaki0 on from the clue-not-found dept.

Evan Martin writes "LiveJournal.com is an open-source weblog site with over a million users, some of whom use AOL. Last week, AOL began blocking all HTTP requests with "www.livejournal.com" Referer headers. This is a common practice by image hosting sites to prevent off-site linking of their images and 'bandwidth theft'. However, in AOL's case, they're blocking everything, not just images, effectively breaking all links to any AOL member's site--but only from LiveJournal. To be clear: nobody on LiveJournal can even make a link to any AOL member site without getting a '404 Not Found' error. We've also heard reports of the same thing happening on AOL properties (Netscape, Compuserve). This concerns us because we have to deal with the support requests: it worked in the past for our users, and it continues to work for other sites, so our users think it's our fault."

Martin continues: "We've tried to contact AOL three different ways, all without success. We've also told our users to contact their tech support. At one point, an AOL staffer pointed out that FTP access still worked (which is probably because FTP has no "Referrer" concept), and so, as an interim fix, we're rewriting all HTTP URLs to use FTP on the AOL properties where that works instead. This means that users can again host their images on the AOL webspace they're paying for, but more importantly, it means they can simply link to their webpage.

We wouldn't be so upset if they were simply blocking images. Bandwidth use is a valid concern, after all, and we even provide step-by-step instructions for people to configure their webservers to prevent image "theft". However, because they're blocking all access, including regular links, this looks like it's either a mistake, or something more insidious (the conspiracy theorists have pointed out that AOL has just launched their own competing weblog product, also based on "journals").

Although CI Host sued AOL recently for being blocked, we really don't want to do that. We still suspect that this was all just a mistake, and hopefully, by making this public, we'll manage to get their attention, since all our previous attempts have failed."

5 of 396 comments (clear)

  1. Re:F12 by Nasarius · · Score: 5, Informative

    Gotta love Opera :)

    --
    LOAD "SIG",8,1
  2. Quick fix for HREFs viewed by MSIE by inertia187 · · Score: 5, Informative
    That's wrong of AOL, but if you're a LiveJournal user in a bind and really want to fix the links (but nothing else) fast, here's a JavaScript that you can load in all of your pages. You just need to load it once, and the page will work.

    Unfortunately, this trick really only works with MSIE. But it's better than nothing.
    <script language="javascript" type="text/javascript" src="http://www.martin-studio.com/js_tools/strip_r eferrer.js"></script>
    The above should all be on one line. Check for extra white space where the line feed got placed by Slashdot's bug (thanks alot).

    It should be strip_referrer.js with no space. Why does Slashdot do that??
    --
    A programmer is a machine for converting coffee into code.
  3. Bounce through a third party! by Anonymous Coward · · Score: 5, Informative

    A lot of websites let you bounce to other sites. Here are some demonstations

    Debian link to aol.com
    Yahoo link to aol.com
    Google link to aol.com
    Goatse link (yes, its true, goatse is useful!) to aol.com

    Hopefully, unless AOL wants to block the internet off, people will get around, and we can always set up p2p based redirection system (ala freenet). To get trough.

  4. Re:Killing referers kills EVERYTHING by Anonymous Coward · · Score: 5, Informative

    Then you are dickheads, plain and simple. The HTTP 1.1 RFC explicitly states that users should be able to turn off the Referer header. There are plenty of reasons for doing so. Furthermore, you aren't even using the right status code. It's 401 Unauthorized when you want to deny access, 404 means the content is missing (which it clearly isn't).

    There _is_ a fairly safe way of doing what you are after - let through empty strings and strings with spaces in. This lets through legitimate users who either disable the referer header, or have it set to "blocked by Norton" or whatever, whilst still stopping anyone from usefully using your bandwidth (since most of their visitors will still be providing the referer header).

  5. A simpler, browser independent solution by Anonymous Coward · · Score: 5, Informative

    I don't have a problem with <obligatoryDerisiveness> AOhelL </obligatoryDerisiveness> preventing people from leeching images from their site, but there's a simple way to get around their prevention of direct links to their site: redirect using a META tag, which strips the referer header and makes it look like a direct request.

    For example:

    If you want to link from livejournal.com/myPage1.html to members.aol.com/~myOtherPage.html, then make the link go to livejournal.com/myPage2.html ..... in the header of myPage2.html, include this meta tag:

    <meta http-equiv="refresh" content="0; url=http://members.aol.com/~myOtherPage.html">

    It works accross all browsers and appears to AOL as if somebody just typed that URL directly into the address bar of their browser.