We have a module in our project where there is an option of uploading mp4 videos , we are using html5 video tag player for playing the videos.
Problem we are facing is the privacy of the videos.At the time its very easy for the user to download our file either through right click save as video or by taking the url from the src of the video tag by inspect element. To do so I have studied a lot, and got the idea about the blob url through youtube videos which are not accesible through anyway. I tried to study about the blob-url, created one for my video url but still they are accessible and can be easily downloaded. Like youtube blob-url its not working. I also studied this ques question first answer, through which i got the idea about youtube mechanism of buffering video and how the blob url shown in inspect element for youtube is a spoof.
Most importantly I want to know how can we spoof our website url so that no one can download it through inspect element. Is it possible for us to do so and how? Any link related to this please share with me.I have tried to study a lot but still missing something.
What mechanism actually youtube follow for creating blob url and to save its videos?
We have a module in our project where there is an option of uploading mp4 videos , we are using html5 video tag player for playing the videos.
Problem we are facing is the privacy of the videos.At the time its very easy for the user to download our file either through right click save as video or by taking the url from the src of the video tag by inspect element. To do so I have studied a lot, and got the idea about the blob url through youtube videos which are not accesible through anyway. I tried to study about the blob-url, created one for my video url but still they are accessible and can be easily downloaded. Like youtube blob-url its not working. I also studied this ques question first answer, through which i got the idea about youtube mechanism of buffering video and how the blob url shown in inspect element for youtube is a spoof.
Most importantly I want to know how can we spoof our website url so that no one can download it through inspect element. Is it possible for us to do so and how? Any link related to this please share with me.I have tried to study a lot but still missing something.
What mechanism actually youtube follow for creating blob url and to save its videos?
Share Improve this question edited May 23, 2017 at 11:58 CommunityBot 11 silver badge asked Aug 3, 2015 at 6:33 VartikaVartika 1,0953 gold badges17 silver badges46 bronze badges 5-
Who is the target audience? My educated guess is that most people (read non-programmers or non-IT people) have no idea what
inspect elementis for and will never use it all. – David Votrubec Commented Aug 3, 2015 at 6:44 - It is still possible to download videos from youtube via 3rd party browser plugin. Those plugins work in Firefox but usually not in Chrome. – David Votrubec Commented Aug 3, 2015 at 6:45
- Still to be on safer side we want the working like youtube – Vartika Commented Aug 3, 2015 at 6:54
- if you can play back the video, someone can steal it, unless you look into HTML5 video Encrypted Media Extensions (EME) to serve your content. – Offbeatmammal Commented Aug 4, 2015 at 2:58
- if you just need to obfuscate the URL to stop others finding it then you could write a handler that does something like this blog.offbeatmammal./post/2006/06/30/… (but in a newer language!) – Offbeatmammal Commented Aug 4, 2015 at 3:05
1 Answer
Reset to default 5As your video has to arrive at the users device there is effectively no way you can stop a user intercepting and storing the file if they want to.
The typical solution to this problem is to encrypt the file and only share the key to the encrypted video with the people you want to view it. A 'bad' user can still download the video file but will not be able to play it back without the correct key.
How you get the key to the users can be very simple (you tell them it directly via some separate munication channel, like email) or more sophisticated using some sort of DRM approach.
DRM is controversial (see Firefox discussion at link below) but it is being baked into the standards with HTML5 EME (Encrypted Meida Extensions) so is being more mainstream. EME essentially allow a browser request a trusted (by the video producer) element in the browser/device to decode and play an encrypted video. See a good overview of EME at the second link below.
- https://blog.mozilla/blog/2015/05/12/update-on-digital-rights-management-and-firefox/
- http://www.html5rocks./en/tutorials/eme/basics/