@Vincent The link I provided had pointers to a module exactly as you describe.
@Alistair - As Vincent alluded to, the basic question is how are you going to differentiate between Flash asking for the file and someone linking to it directly? The simplest form of basic protection would be to only allow the download to happen from your own domain (where the video anf Flash player lives), but this will only stop basic users from direct linking. Referrers / domains can be spoofed, and any file which is downloaded (as opposed to streamed) will end up on the users computer for consumption/distribution. Aran On Thu, Aug 6, 2009 at 2:27 PM, Vincent Polite <[email protected] > wrote: > Fundamentally I would be surprised if this was possible without some sort > of server-side module creating some sort of key-access relationship between > the user loading your web page and the script being loaded. Fundamentally, > if the file has to be downloaded to the web browser in order to be > seen/executed, then some form of it will be available in a users temporary > internet files, cache or some other trivial place to get to. > > I would be interested in being proven mistaken on this point, though, so if > you find a way that is ACTUALLY protected, please let me know. I don't > think you can protect the file because all the loading is happening client > side; any url you generate is something that another web browser could spoof > (based on network scanners sniffing the output). Maybe if you were able to > generate some form of encrypted output and input that made no sense unless > they were able to run it through YOUR particular filter that is hidden > server side, the best you might do is let users download a file that they > have no idea what to do with it. And even then the protection is limited, I > would think. > > But if the goal is to prevent direct download of the file... I don't know, > sorry. Hopefully a search like Aran suggests will bear results. > > Vincent > > > > On Wed, Aug 5, 2009 at 8:37 PM, Aran Rhee <[email protected]> wrote: > >> This is not really related to swfobject directly, so Google will be your >> friend for this question. >> >> with a term like "protect flv from direct download" you will find links >> like: >> http://flowplayer.org/forum/2/16058 >> >> which go through the sort of thing you are after. I don't think .htaccess >> is the right direction of travel... >> >> >> Aran >> >> >> >> On Thu, Aug 6, 2009 at 12:20 PM, Alistair <[email protected]>wrote: >> >>> >>> Hi >>> >>> I am having problems protecting my .flv files from direct download. >>> >>> I want the video to be viewable in the SWFObject player displayed in >>> my PHP page. But I don't want the user being able to access them >>> directly via the URL. >>> >>> I have added a .htaccess file in the video directory as follows >>> >>> # no one gets in here! >>> deny from all >>> >>> This stops the download but also stops the video from playing in the >>> SWFObject >>> >>> I have tried adding >>> allow from localhost >>> allow from 127.0.0.1 >>> >>> but no joy. >>> >>> >>> The SWFObject code is as follows >>> >>> <script type='text/javascript'> >>> >>> var s1 = new SWFObject('applications/ >>> player.swf','player','640','380','9'); >>> >>> s1.addParam('allowfullscreen','true'); >>> >>> s1.addParam('allowscriptaccess','always'); >>> >>> s1.addParam('flashvars','file=../video/ >>> gtv.flv&displayclick=fullscreen&title=Site >>> Title&icons=false&fullscreen=true&autostart=true&skin=applications/ >>> nacht.swf'); >>> >>> s1.write('flashtest'); >>> >>> </script> >>> </div> >>> >>> The video file plays in the player fine if I take away .htaccess. >>> >>> Is there a best practice for protecting your video content from direct >>> download? >>> >>> >>> Alistair >>> >> > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "SWFObject" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/swfobject?hl=en -~----------~----~----~----~------~----~------~--~---
