Databases
StackOverflow2013
Postsdbo
PO
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    primarykey
    data
    text
    <p>In reality, <strong>you can't</strong>. But <em>you can make it harder to download</em>. </p> <hr> <h1>Browsers make grabbing too easy</h1> <p>Because that's what browsers were designed to do: <em>Serve content</em> - which means <em>give the content to the user</em>. To show you how easy it is, here's how I usually grab videos on virtually <em>any video streaming site</em>:</p> <p>Prepare the network tab of your preferred browser debugger and let the video load. Then look for it in the loaded resources. Videos are usually streamed in .flv or .mp4, and audio in .mp3. When you spot the url, open a new tab/window and open the link there. The browser will then download the file.</p> <hr> <h1>Making it harder</h1> <p>Here are methods on making a grabber's life harder. Like I said earlier, these are not fool-proof methods, but can at least ward off skiddies.</p> <h2>Video to Canvas technique</h2> <p>Recently I came across <a href="http://html5doctor.com/video-canvas-magic/" rel="noreferrer">this article from HTML5Doctor</a> while researching motion detection in JS. This involves streaming your video via a <code>&lt;video&gt;</code>, then with some JS, literally copy the video to a <code>&lt;canvas&gt;</code>. <a href="http://html5doctor.com/demos/video-canvas-magic/demo1.html" rel="noreferrer">Here's an example</a> where the video is up front, while the canvas at the back get's fed with data from that same video.</p> <p>Essentially, what you do is:</p> <ul> <li>Predefine on the HTML or dynamically insert a <code>&lt;canvas&gt;</code> to the DOM. This is the "player" that the user sees.</li> <li>Dynamically create a video tag via JS, append it to the DOM hidden and give it a url to stream. This will be the video source for the canvas.</li> <li>Then with JS, you periodically grab data from the <code>&lt;video&gt;</code> you just created and draw it to the <code>&lt;canvas&gt;</code>. With this step, the video gets fed to the canvas.</li> </ul> <p>That's the very basic of the entire routine. Since your player is now the canvas and the true video hidden, you can try right-clicking all you want and save. Since the canvas acts like an image on the page, you can only save a shot of a frame that was displayed on the canvas. As for controls, <a href="https://developer.mozilla.org/en-US/docs/DOM/HTMLMediaElement" rel="noreferrer">JS has an API for controlling <code>&lt;video&gt;</code></a> so you can create custom buttons and sliders.</p> <p>However, if they know you are doing this, they will find your hidden video element, and you are screwed. This leads us to the next method that complements this front-end only technique, with aid from the server side.</p> <h2>Temporary resource urls</h2> <p>One thing you can do to prevent this method is to <em>prevent the link from being reusable</em>. Make the link disposable, temporary, one-time use only. Once the player loads using the disposable url, dispose of it. Make it unusable.</p> <p>Similar to <a href="http://en.wikipedia.org/wiki/Cross-site_request_forgery#Prevention" rel="noreferrer">CSRF prevention</a>, when a browser requests a page with your video, have it generate a random token and store it in some storage on the server side for later reference. At the same time, <a href="http://php.net/manual/en/session.idpassing.php" rel="noreferrer">append it to the url of your video</a>, something like this:</p> <pre><code>//we load some video with id 1234324 from your site using this url //and the token generated on page load is appended as sid http://yoursite.com/media.php?video_id=1234324&amp;sid=a0s9d8a98a0d98asd09809wq0e9 </code></pre> <p>Now when your player loads the video, it will use this url that carries the token. Have the server validate the token. </p> <p>If it's good, stream the video and <em>destroy the token from the server</em> to avoid reuse. This essentially makes the url "one time use only". If an invalid token is used, <a href="http://en.wikipedia.org/wiki/List_of_HTTP_status_codes#4xx_Client_Error" rel="noreferrer">return the appropriate headers as the response</a>, like a 403 perhaps.</p> <p>To add a bit more security, impose an expiry of the url by storing it's timestamp along with the token. Then compare the request timestamp with the stored timestamp if it's still within the "use window". Make this "use window" short enough to be used by the player on the page, but not long enough for a skiddie to grab that url and paste it into another tab/window/downloader.</p>
    singulars
    1. This table or related slice is empty.
    1. POPrevent HTML5 video from being downloaded (right-click saved)?
      singulars
      1. PTQuestion
    1. PTAnswer
    1. USJoseph
    1. USJoseph
    plurals
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. POPrevent HTML5 video from being downloaded (right-click saved)?
      singulars
      1. PTQuestion
    1. This table or related slice is empty.
    1. VO
      singulars
      1. PO
      1. This table or related slice is empty.
      1. VTUpMod
    2. VO
      singulars
      1. PO
      1. This table or related slice is empty.
      1. VTUpMod
    3. VO
      singulars
      1. PO
      1. This table or related slice is empty.
      1. VTUpMod
    1. COthank you for the detail answer, is it possible at least disable the save as option from the right click menu? it will cover most basic knowledge cases
      singulars
      1. PO
      1. USpython
    2. COthat depends on the browser. i have seen times (especially firefox and chrome) that if the video is fully loaded, when you hit "save" they just pick the video from the cache instead of re-downloading (the video is already downloaded in the cache, why download it again?), thus there is no second request. the method above is applicable only when the link is reused.
      singulars
      1. PO
      1. USJoseph
    3. COactually i would less mind if they download it from the cache or the server, i understand that this cannot be prevented for 100%, but i would like at least when clients right click on the video the Save As option will apear in gray or will not be visible, i believe it will prevent from the 80% avrage users from downloading the content
      singulars
      1. PO
      1. USpython
 

Querying!

 
Guidance
A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload