开发者

How can I ensure that nobody can download a video off my site?

I'm creating a site that shows videos. I'm using the VideoJS player(HTML 5 with a flash fallback - http://videojs.com/) and am using .mp4 files.

My client is concerned that someone may be able to steal/download the video files.

What can I do to ensure no开发者_StackOverflow社区body can download the video files?


Well first off, you want to clarify with your client that actually they do want people to download the video, because if people couldn't download it then they can't watch it. The issue is that you don't want people to store a copy that they could then edit or share offline or whatever. This might sound to them like nit-picking, but it's pretty crucial to understand. For starters, once they understand this they might decide "you know what, I don't care about this after all".

Second, there is no way to entirely stop people from saving an offline copy of your files. You can make things a little harder, but because there is no way to entirely stop them you really have to decide whether or not you even want those videos online.

If after all that you are still wanting to put the videos online with some minimal protection, then what you could do is not directly embed the videos in the HTML but rather have JavaScript on the page talk to your server and request a video.


Since the video has been sent to the client, there will always be a way to get at that information. Trying to stop a user from doing this will only frustrate them.

The only way to have a user not be able to save a file is to not send it to them.

If your site is popular enough, someone will write a video grabber for it.


I think it depends on what your client wants to protect. Here are some possible solutions:

If your client's video is intellectual property and should not be watched without permission, you need to use DRM. HTML5 doesn't support DRM, so you need to use Silverlight (or maybe Flash). With DRM, anyone who has the video file can't watch it without permission.

If your client just wants to make sure that users have to go to their website in order to watch the video, you can simply make it harder to download the video or embed it on other website. You can use for example CAPTCHA + session to make sure that it's the human who's visiting the website and watching the video, not a bot crawling the website and downloading the video. This will increase the cost of user downloading video or competitor stealing video but it's not totally unbreakable.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜