It may seem, but it's not trivial at all. > This seems like a pretty trivial thing to do
The difficulty depends on how 'safe' the solution should be. I think the logical sequence could be: 1. User asks your appspot for video 2. User is redireced to your video source with an URL get attachment (the URL part behind the question mark) informing your video source: 2a. Information on the video which shall be presented to the user 2b. Information on user authorization ----- An easy form of authorization proof would be a MD5 hash of a secret string plus date and hour. Your user could extract the url, but this url would work within the current hour only. ---- A safer sequence would be a multi redirection. aa. The user is redireted to your video source with url '/requestA? video=xxxx key1=xxxx bb. Your video source creates a redirection to your appengine with url '/crypt?key1=xxxx key2=xxxx cc. Your appengine encrypts key2 with a secret string and redirects the user to your video source with the url '/requestB?key2=xxxx key3=xxxx Where key1 and key2 are une time use random numbers and key3 is equal key2 encrypted with a secret string. -- Possibly this authorization sequence could need more code than user interaction itself. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en -~----------~----~----~----~------~----~------~--~---
