I've been around since the early days of the web and I never understood why other people decided it ought to be bad form. You put it out there to be downloaded, why shouldn't people download it?
And yet there is no technical difference. Browsing is downloading. It seems strange to make up non-technical rules about when downloading a piece of data is or is not OK. If The Onion has a problem with the amount of data they are serving, perhaps they should configure their server to reject those requests; putting the onus on the end user not to issue HTTP GET unless a certain non-technical context exists seems.... odd.
I understand that this idea has gained currency over the last decade, but I still don't understand or agree with it.
There is a huge technical difference between downloading your own copy of a file that you then serve to your visitors and pointing all your traffic at somebody else's server. No engineer in the world would look at those two plans and say, "Eh, I can't tell any difference."
> If The Onion has a problem with the amount of data they are serving, perhaps they should configure their server to reject those requests; putting the onus on the end user not to issue HTTP GET unless a certain non-technical context exists seems.... odd.
No clue what you're talking about. For one, we're talking about website creators here rather than end users, and it's these website creators' failure to issue an HTTP GET that's considered bad manners.
Wait. What? Am I misunderstanding you, or are you seriously suggesting that someone wanting to direct people's web browsers to some interesting resource ought to copy the bits onto their own server, thereby potentially violating the creator's copyright, instead of simply pointing people at the original file?
I understand that other people have made up this idea that "hotlinking" is bad, but it never made any sense to me and I never got on board that train. People "hotlink" stuff off my blog all the time and I think that's great. I put the photos up there to be looked at; if people want to share them, I read that as a sign that I took a good photo. If I wanted to stop people from looking at my photos in certain ways - when the referer comes from a site other than my own, for example - then I would configure my web server not to serve out the bits under those conditions.
If the Onion doesn't want to serve out their CSS file under certain conditions, they should configure their server not to serve the bits under those conditions. If the Onion chooses instead to configure their web server to serve the bits to anyone who asks for them, people should feel free to ask for them.
If the Onion chooses instead to configure their web server to serve the bits to anyone who asks for them, people should feel free to ask for them.
But it's not "people" asking for them, it's one specific site causing browsers to ask for them unwittingly. Embedding images is less egregious if attributed correctly, but still discourteous and possibly a violation of copyright unless it is encouraged by the site.
However, hotlinking CSS is essentially copyright violation (for lifting the design wholesale, essentially creating a derivative work). There is simply no excuse for not writing and hosting your own CSS.
As the others have said, when hotlinking/embedding, you are profiting from another system's bandwidth and storage resources. Why don't I just hook up your water tap to my house? You should have put a lock on it if you didn't want it to be used for that purpose.
I must point out that hijacking resources from another server is in strong contrast to scraping for personal use, whitehat research, etc. It's one thing to send arbitrary HTTP requests to a server that will answer them. It's another entirely to cause others' browsers to do so without permission, especially in a way that is not explicitly announced and attributed, or accrues to your benefit at the other server's expense.
It cannot be a violation of copyright, since no copy occurs. Site A tells browser B where to find a resource on Site C. Site A sends zero bytes of the actual resource to browser B. Site A does not have a copy of the resource. Instead, the resource continues to live on the server under the control of the copyright holder. Browser B then contacts site C, asks for the resource, and site C voluntarily sends those bits. There is no on server A, server A does not transmit a copy to browser B, and therefore there can be no copyright violation.
It doesn't make any sense to me to get all worked up about "rude behavior". The internet is full of people who want to break into your box and take over your system. If you have a server facing the internet you have to expect that people are going to be ruder than you ever dreamed possible, and they are going to do this all the time. Complaining about it won't change anything; just fix your server so it doesn't do things you don't want it to do. I understand that there's this whole big social thing about "hotlinking" which has grown up now, and I've heard all the reasons people use for it, I just look around at the state of the internet and think it's a trivial thing to worry about. Just fix your config and get on with life. Browbeating someone else for using resources which are advertised and provided to the public for free seems like an amazing waste of time.
A complex society relies on people avoiding stepping on one anothers' toes. You can't always rely on the Refer[r]er header to block access to resources, either.
Just don't freaking do it. It pisses people off to no productive end (as opposed to personal scraping, whitehat access, etc., which also piss people off, but serve a useful purpose).
Also, copyright provides more rights to creators than just restricting copies and distribution. There are also public performance rights, which I would argue are violated by embedding another site's resources into your own site without permission.
Think of it this way. What would happen if Google, facebook, or twitter hotlinked to a large file on your site and you received no revenue from it? If that didn't make sense, the cliffs notes version is that you'll end up with a gigantic bill from your hosting provider and a DOS'ed site. That's why it's bad form to hot link without permission. It's a rule that's developed over time in response to stuff like this. Also, it's a two way street. Many sites will black list referrers from sites that do a lot of hotlinking as its a really common spam tactic.