Taking this video as an example, here is the html tag which seems to be the critical piece of content:
<video
id="dmp_Video"
style="display: block; width: 350px; height: 197.436px; top: 0px; left: 0px;"
playsinline="" webkit-playsinline="" x-webkit-airplay="allow"
operadetachedviewtitle="All Watched Over by Machines of Loving Grace - Episode 3: The Monkey in the Machine and the Machine in the Monkey — Dailymotion"
src="blob:"
controlslist="nodownload">
</video>
It is clearly not intended to be downloadable because there is controlslist="nodownload" and I notice that it's quite resilient to casual tampering. I would like to know how this is implemented.
If I delete the surrounding clutter nodes in Firefox, I am able to right-click on the element but the menu option to download is greyed-out. If I disable Javascript, I am not able to right-click on this element at all.
If I put the blob url into the browser directly, or use wget, I get a 404.
How have they achieved this?
(I'm not asking you to hack the page for me, I'm asking what I would have to do to make my own videos similarly protected.)
Taking this video as an example, here is the html tag which seems to be the critical piece of content:
<video
id="dmp_Video"
style="display: block; width: 350px; height: 197.436px; top: 0px; left: 0px;"
playsinline="" webkit-playsinline="" x-webkit-airplay="allow"
operadetachedviewtitle="All Watched Over by Machines of Loving Grace - Episode 3: The Monkey in the Machine and the Machine in the Monkey — Dailymotion"
src="blob:https://www.dailymotion./30c69843-cd99-4101-a8bb-0a6db568dd00"
controlslist="nodownload">
</video>
It is clearly not intended to be downloadable because there is controlslist="nodownload" and I notice that it's quite resilient to casual tampering. I would like to know how this is implemented.
If I delete the surrounding clutter nodes in Firefox, I am able to right-click on the element but the menu option to download is greyed-out. If I disable Javascript, I am not able to right-click on this element at all.
If I put the https://www.dailymotion./30c69843-cd99-4101-a8bb-0a6db568dd00 blob url into the browser directly, or use wget, I get a 404.
How have they achieved this?
(I'm not asking you to hack the page for me, I'm asking what I would have to do to make my own videos similarly protected.)
Share Improve this question asked Jan 14, 2020 at 10:02 spraffspraff 33.5k27 gold badges135 silver badges255 bronze badges 2- 1 Does this answer your question? What is a blob URL and why it is used? – GrafiCode Commented Jan 14, 2020 at 10:09
- By the way, it has nothing to do with DRM – GrafiCode Commented Jan 14, 2020 at 10:09
1 Answer
Reset to default 0edit it and paste in:
URL.createObjectURL()
right before blob and you should be able to download it