You can control access to the images that are displayed in interviews so that respondents cannot reference those images outside the surveys. To do this, set the TrustedDomain parameter in the web.config file to a list of domain names that are allowed to access the images.

The Referer header of the requests for images is checked against the TrustedDomain list. It can be used to restrict requests for images to image URLs embedded in the HTML pages of interviews only. When a browser receives a page of an interview, it extracts the URLs of the images, and then sends a request to the ImageCache for each image. That request includes a “Referer” HTTP header value which specifies the URL of the page that is requesting the image.

By default, TrustedDomain is not set. This means that images that in the image cache can be accessed by a browser outside of the context of the interview.

Set the TrustedDomain parameter in the web.config file to a list of domain names that are allowed to access the images. Separate the names by using either commas or semi-colons. Usually, the list should include the external domain name that is used to access the interview, that is, the domain name of the URL that is used to access mrIWeb.dll or the Interview Web Service.

You do not need to include local requests, because they are always trusted. Local requests are:

This allows the ImageCache to respond to requests for templates from the HTML Player component which do not specify a Referer header, that is, the LocalImageCacheURL parameter in mrIWeb web.config file.

If a DMZ is used to support externally accessible mrIWeb and ImageCache instances, these instances are usually configured to request images and templates from an ImageCache instance that is in the internal network.

In this case, do not set the TrustedDomain list on the internal ImageCache instance. Validate the Referer header by the publicly accessible ImageCache instance.