Content injection

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
13 messages Options
Reply | Threaded
Open this post in threaded view
|

Content injection

stern0m1
I am looking for a proxy that can inject content easily. Static content to
every HTML document.
Can I do this easily with squid? Is there another proxy that can do this
easily?
Thanks



--
Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: Content injection

Alex Rousskov
On 09/30/2017 07:44 PM, stern0m1 wrote:

> I am looking for a proxy that can inject content easily. Static content to
> every HTML document.
> Can I do this easily with squid?

You can inject some "HTML documents" using Squid combined with an eCAP
or ICAP content adaptation service, but it is not going to be easy, and
you cannot inject documents delivered over secure connections to web
clients that pin origin server certificates. For more information, see

  * http://wiki.squid-cache.org/SquidFaq/ContentAdaptation
  * https://answers.launchpad.net/ecap/+faq/1793

Alex.
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: Content injection

Amos Jeffries
Administrator
On 01/10/17 16:12, Alex Rousskov wrote:

> On 09/30/2017 07:44 PM, stern0m1 wrote:
>
>> I am looking for a proxy that can inject content easily. Static content to
>> every HTML document.
>> Can I do this easily with squid?
>
> You can inject some "HTML documents" using Squid combined with an eCAP
> or ICAP content adaptation service, but it is not going to be easy, and
> you cannot inject documents delivered over secure connections to web
> clients that pin origin server certificates. For more information, see
>
>    * http://wiki.squid-cache.org/SquidFaq/ContentAdaptation
>    * https://answers.launchpad.net/ecap/+faq/1793
>
> Alex.

For the record:

Please be aware that HTTP documents are protected by international
copyright laws. Altering other peoples content is illegal in all
countries signatory to the Berne Convention and many other countries
individual copyright laws as well.

HTTP forms an informal contract for redistribute and copy permission,
not for alteration or derivative work permissions. Unless you have
written consent from the HTML document creators explicitly giving
permission to alter the substance of their content it is legally
considered "copyright piracy" or whatever the local laws wording is.

Actions like [un]compression of the content do not change its bytes, so
are okay. But adding or removing bits from the HTML text is using their
content to generate a derivative work - for which permission is NOT
granted implicitly.


The legally safe way to inject notices to clients into traffic is to use
splash page mechanisms. Where the client periodically gets delivered a
511 status code with your message on a page you created instead of the
item they requested. You just need to make sure to detect points in the
trafffic which actually reach users eyeballs, and a way for them to
continue on to get what they wanted earlier. Quite a lot of HTTP traffic
(~80% IIRC) is software<->software and never reaches any user eyeballs.

You can modify the splash page approach by having your page use an
iframe to embed the original requestors response. Publishers can
explicitly indicate whether they grant permission for that to be done
(eg opt-out).

Amos
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: Content injection

Jeffrey Merkey
On 9/30/17, Amos Jeffries <[hidden email]> wrote:

> On 01/10/17 16:12, Alex Rousskov wrote:
>> On 09/30/2017 07:44 PM, stern0m1 wrote:
>>
>>> I am looking for a proxy that can inject content easily. Static content
>>> to
>>> every HTML document.
>>> Can I do this easily with squid?
>>
>> You can inject some "HTML documents" using Squid combined with an eCAP
>> or ICAP content adaptation service, but it is not going to be easy, and
>> you cannot inject documents delivered over secure connections to web
>> clients that pin origin server certificates. For more information, see
>>
>>    * http://wiki.squid-cache.org/SquidFaq/ContentAdaptation
>>    * https://answers.launchpad.net/ecap/+faq/1793
>>
>> Alex.
>
> For the record:
>
> Please be aware that HTTP documents are protected by international
> copyright laws. Altering other peoples content is illegal in all
> countries signatory to the Berne Convention and many other countries
> individual copyright laws as well.
>
> HTTP forms an informal contract for redistribute and copy permission,
> not for alteration or derivative work permissions. Unless you have
> written consent from the HTML document creators explicitly giving
> permission to alter the substance of their content it is legally
> considered "copyright piracy" or whatever the local laws wording is.
>
> Actions like [un]compression of the content do not change its bytes, so
> are okay. But adding or removing bits from the HTML text is using their
> content to generate a derivative work - for which permission is NOT
> granted implicitly.
>
>
> The legally safe way to inject notices to clients into traffic is to use
> splash page mechanisms. Where the client periodically gets delivered a
> 511 status code with your message on a page you created instead of the
> item they requested. You just need to make sure to detect points in the
> trafffic which actually reach users eyeballs, and a way for them to
> continue on to get what they wanted earlier. Quite a lot of HTTP traffic
> (~80% IIRC) is software<->software and never reaches any user eyeballs.
>
> You can modify the splash page approach by having your page use an
> iframe to embed the original requestors response. Publishers can
> explicitly indicate whether they grant permission for that to be done
> (eg opt-out).
>
> Amos
> _______________________________________________
> squid-users mailing list
> [hidden email]
> http://lists.squid-cache.org/listinfo/squid-users
>

Amos,

Does this apply to folks who are providing a translation service via
eCap or C-ICAP?  Google provides web page translation so how does this
affect folks who are using squid and C-ICAP for translating content
between different languages?

Jeff
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: Content injection

Antony Stone
On Sunday 01 October 2017 at 06:26:01, Jeffrey Merkey wrote:

> On 9/30/17, Amos Jeffries wrote:
> >
> > For the record:
> >
> > Please be aware that HTTP documents are protected by international
> > copyright laws. Altering other peoples content is illegal in all
> > countries signatory to the Berne Convention and many other countries
> > individual copyright laws as well.

> Amos,
>
> Does this apply to folks who are providing a translation service via
> eCap or C-ICAP?  Google provides web page translation so how does this
> affect folks who are using squid and C-ICAP for translating content
> between different languages?
>
> Jeff

Also, how do ad-blockers, greasemonkey and similar client-side content
manipulation systems get away with their actions, then?

I doubt there's any legal difference whether the alteration of copyright work
is done by some middleman, or by software running on the recipient's computer,
so why are these things acceptable to the copyright owners?


Antony.

--
It is also possible that putting the birds in a laboratory setting
inadvertently renders them relatively incompetent.

 - Daniel C Dennett

                                                   Please reply to the list;
                                                         please *don't* CC me.
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: Content injection

Amos Jeffries
Administrator
On 01/10/17 21:42, Antony Stone wrote:

> On Sunday 01 October 2017 at 06:26:01, Jeffrey Merkey wrote:
>
>> On 9/30/17, Amos Jeffries wrote:
>>>
>>> For the record:
>>>
>>> Please be aware that HTTP documents are protected by international
>>> copyright laws. Altering other peoples content is illegal in all
>>> countries signatory to the Berne Convention and many other countries
>>> individual copyright laws as well.
>
>> Amos,
>>
>> Does this apply to folks who are providing a translation service via
>> eCap or C-ICAP?  Google provides web page translation so how does this
>> affect folks who are using squid and C-ICAP for translating content
>> between different languages?
>>
>> Jeff

Those ones are treading a fine legal line AIUI. Note that using Googles'
translation service TOC forbids use by software other than en-users
browsers.


>
> Also, how do ad-blockers, greasemonkey and similar client-side content
> manipulation systems get away with their actions, then?
>

The client applications you mention are not publishing the content for
other clients to view. Whereas middleware is publishing the content
online for multiple clients to view.



> I doubt there's any legal difference whether the alteration of copyright work
> is done by some middleman, or by software running on the recipient's computer,
> so why are these things acceptable to the copyright owners?
>

I don't think I've ever said anything was acceptible or otherwise to
publishers. Just that the proxy middle ware modifying content is a legal
issue.

NP: If you want to know the specifics of how the laws apply to these
use-cases please consult a lawyer. I'm only familiar with this one case
of injecting advertising into others HTML Pages that keeps coming up
over, and over again.

Amos
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: Content injection

Amos Jeffries
Administrator
On 02/10/17 02:33, B Hirsch wrote:
> Any legal references someone could point to?
 >

<http://www.wipo.int/treaties/en/text.jsp?file_id=283698>

"HTML" can contain almost any type of work, so it is hard to know in
advance exactly which of the clauses or exemptions apply.

Amos
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: Content injection

Yuri Voinov
Hm, Amos. But 1986 - it is ancient in 2017, yes? Over 20 years.....
Ethernity in IT.


02.10.2017 8:47, Amos Jeffries пишет:

> On 02/10/17 02:33, B Hirsch wrote:
>> Any legal references someone could point to?
> >
>
> <http://www.wipo.int/treaties/en/text.jsp?file_id=283698>
>
> "HTML" can contain almost any type of work, so it is hard to know in
> advance exactly which of the clauses or exemptions apply.
>
> Amos
> _______________________________________________
> squid-users mailing list
> [hidden email]
> http://lists.squid-cache.org/listinfo/squid-users

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users

0x3E3743A7.asc (2K) Download Attachment
signature.asc (673 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Content injection

Yuri Voinov
In reply to this post by Amos Jeffries
In addition, hypertext is not a literary work, as it seems to me.
Moreover, it is somehow attracted to the ears, do not you think?


02.10.2017 8:47, Amos Jeffries пишет:

> On 02/10/17 02:33, B Hirsch wrote:
>> Any legal references someone could point to?
> >
>
> <http://www.wipo.int/treaties/en/text.jsp?file_id=283698>
>
> "HTML" can contain almost any type of work, so it is hard to know in
> advance exactly which of the clauses or exemptions apply.
>
> Amos
> _______________________________________________
> squid-users mailing list
> [hidden email]
> http://lists.squid-cache.org/listinfo/squid-users

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users

0x3E3743A7.asc (2K) Download Attachment
signature.asc (673 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Content injection

Yuri Voinov
In reply to this post by Amos Jeffries
And it's still said softly - it's arrtacted to the ears. Speech, as I
understand it, is about the insertion of advertising banners in the
pages given to clients from the proxy (cache). What are the literary
works and copyright? The insertion of advertising is money, and
considerable. If op is to deduct a portion of the amount for advertising
to site owners (content) - it seems to me that there will be no legal
collision and there is no need to drag here a dead donkey - that is,
forgive, the ancient laws of the early 20th century.

It seems to me that the phrase "HTML can contain" (and may not contain,
and in most cases does not contain - because the Web is bullshit in most
cases) the above - it sounds extremely Jesuit.


02.10.2017 8:47, Amos Jeffries пишет:

> On 02/10/17 02:33, B Hirsch wrote:
>> Any legal references someone could point to?
> >
>
> <http://www.wipo.int/treaties/en/text.jsp?file_id=283698>
>
> "HTML" can contain almost any type of work, so it is hard to know in
> advance exactly which of the clauses or exemptions apply.
>
> Amos
> _______________________________________________
> squid-users mailing list
> [hidden email]
> http://lists.squid-cache.org/listinfo/squid-users

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users

0x3E3743A7.asc (2K) Download Attachment
signature.asc (673 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Content injection

Amos Jeffries
Administrator
In reply to this post by Yuri Voinov
On 02/10/17 15:49, Yuri wrote:
> Hm, Amos. But 1986 - it is ancient in 2017, yes? Over 20 years.....
> Ethernity in IT.
>

Yuri, you may want to take that up with a lawyer.

"
Berne Notification No. 162
Berne Convention for the Protection of Literary and Artistic Works
Accession by the Russian Federation

...

The Berne Convention, as revised at Paris on July 24, 1971, and amended
on September 28, 1979, will enter into force, with respect to the
Russian Federation, on March 13, 1995.

December 13, 1994
"

Amos
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: Content injection

Amos Jeffries
Administrator
In reply to this post by Yuri Voinov
On 02/10/17 15:51, Yuri wrote:
> In addition, hypertext is not a literary work, as it seems to me.
> Moreover, it is somehow attracted to the ears, do not you think?
>

Lawyers told me otherwise:

"A website is copyrighted at the time of development. So putting the
copyright notice on the bottom of a site states that the material
displayed is not to be used without permission of the owner. In fact,
you don’t even need the notice to claim copyright."

"It is also common for the text, HTML, and script elements of a page to
be taken and reused. If you have not gotten permission, you have
violated the owner's copyright."


The legal point is that by adapting the original HTML you are creating a
*derived* HTML document which includes the other copyright contents
contained within the page text without permission from the original
creator - and then distributing it without their permission. That
derivative distribution is what you get in trouble.

Amos
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: Content injection

Alex Rousskov
In reply to this post by Amos Jeffries
On 09/30/2017 10:15 PM, Amos Jeffries wrote:
> Please be aware that HTTP documents are protected by international
> copyright laws. Altering other peoples content is illegal in all
> countries signatory to the Berne Convention and many other countries
> individual copyright laws as well.


For the record: The above statement does not reflect reality well. While
most documents are protected by copyright, altering a
copyright-protected document is legal in some cases and illegal in some
other cases (with a large gray area in between).

If you cannot figure out the specifics of _your_ case, please do not
follow this thread or start another discussion on squid-users! Consult a
knowledgeable lawyer instead. And if you want to chat about copyright
law peculiarities, please do that on a mailing list that specializes in
such topics.


Thank you,

Alex.
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users