I'm working a script which need to restrict video download for users, they only allow to watch online,
I'm currently use "video.js" script for the player,
I already restricted right click function,
jQuery('.video-js').bind('contextmenu',function() { return false; });
also added dynamically load videos like
https://exmaplle.com/loadvid.php?video=fire.mp4&seskey=1a2asasd125asdasdasdasdas
but when i check using some FireFox extensions. those give ability to download the video file.
Is there anyway to prevent download videos using browser extensions, or are there have another players which support secure video play.
That jQuery code only disables the browser's context menu. It doesn't stop anyone from downloading the video in any way other than through that menu.
Using token authentication is useful to stop users sharing the link, but won't stop a download extension from downloading the URL from the same session, as the token is still valid.
A segmented format such as HLS or MPEG-DASH is harder for the casual user to download, but there are probably download extensions that will be able to convert them to MP4. DRM (which Video.js supports) is the most secure, but obviously comes with a high overhead of cost and complexity.
Related
I am using PHP to prevent downloading of video files played on my site. I use a PHP endpoint to hide the video file URL, I store a token in database for each play request, also I set a temporary password for each play request and store it in a session. I check the token and the password in the session with values stored in database. Also I check the user agent of the page requesting the video with the user agent of the PHP video player endpoint to be the same. I check the referrer page of the video player PHP to be from my site as well.
So far, I managed to prevent downloading the video by copying the video URL into the browser or into a download manager. But IDM Download Panel (a browser integrated download manager) still can download the video. I guess that's because it can fake it to be part of the browser and the open session and uses the same session, user agent, etc.
I wanted to know how can I prevent a download manager that is integrated into browser from downloading the video file.
One way is deleting the token from database, or mark it as "played" once the video play started. But if I do this, users will not be able to go forward and backwards on the video.
Any ideas would be really appreciated.
I have a website for playing MP4 and M3U files, and i have JWplayer for play this content on this website,
I want that only JWplayer be able to have access to file, and be able to play it, and I want to deny other access to this contents, I mean I want disable users access and i want they was not be able to download from my page, how should i do it ?
You can try putting token signing in place which will make it harder to have your content stolen (but not impossible): https://support.jwplayer.com/customer/portal/articles/1433647-url-token-signing
Otherwise, you may want to try using a more secure streaming method like HLS or DASH.
RTMP
OR
hls
The only solution that i know.
Basicly when client play your video, it downloaded as browser cache.
Locally, I have developed a music site by means of a WordPress theme, and it's running well. The problem is that once the media file is streaming in the browser, Internet Download Manager(IDM) detects it and generates the download link (That's the nature of IDM) .
So, I want to build my site such that visitors will be able to play and listen to the music, but they are not allowed to download the streaming media by any downloader.
Is there any PHP code, WordPress or jQuery plugin to do this?
Thanks in advance.
If you allow visitors to listen to a file, there is no way to prevent them from downloading it. Even DRM is broken if they are determined enough. If they can play it, they can save it.
That said, you have several options.
Use Flash to stream the file.
It is still pretty easy to download unless the file is embedded in the SWF or uses DRM. This is a common solution, and works well unless you need to support mobile browsers without Flash support.
Only allow one download per IP address.
This has major usability problems and will not work in many browsers. I don't recommend it.
Send the file encrypted and decrypt with Javascript.
Could be very slow, still doesn't stop determined users, depends on Javascript, requires either dataurl support or newer html5 audio apis.
Don't worry about it.
This is what I do.
We have a video streaming website, and the company decided to make some of the video content paid.
So we built an authenticated area and finalized all the payment issues, and now we are down to the security part.
The videos have a .flv extension, and I want restrict their downloads.
I know restriction is kind of impossible for flash players and flv files, it's a client side issue, but the least to say I want to make it as long and complicated as possible for the videos to download.
There are alot of options for video download so I want a to disable the
Realplayer download,
Chrome and firefox extensions,
and any other way that can easily access the video.
My other option (very hard to go through again) to re-encode the original .mov to some other format that can be a bit more secure.
I am using the open source JWplayer.
I made it with 2 servers in one network. One of them is public server. I wrote small php media proxy, so the links to the media files go trough it (you can now to check where are requests from). The data server (with the media files) is with internal ip(not public) and if someone tries to get the media file directly, will fail.
I think this is good solution if you have own servers.
If you have only one server media proxy is good enough, but can be easly traced from man with good knoledge.
I have a website when requires the user to be logged in to access the contents. I need to embed some music player which can play some mp3. But the mp3 download link cannot be public, so is there any way to pass the PHP session to any flash based players so that the user can listen to it.
Edit: I would want a ready made flash player which has this functionality. Ideally something like the yahoo media player which can be embedded easily
First, you need to remember that if you're serving MP3 files via straight download (not streaming) anyone can simply download the file and then share it (even if the originally-used URL itself expires). So if you really need to protect your files, then use e.g. Flash Media Server to stream the files.
If you don't need that level of protection, you can still protect the link. Instead of linking the media player directly to your MP3 file, link it to a .php script that serves the MP3 file. The PHP script will check the session; if it's valid, it will serve the correct file; otherwise, it will serve a this link is expired MP3. Here's a topic covering that.
Again, though, if you're serious about protecting the files you need to use a streaming server.