FLV Hotlinking Protection & File Management Help

cd34 · 2010-01-18, 12:25 PM

First issue, your embedding is wrong for IE. IE doesn't support embedding the same way that Firefox/Safari does. The video does play for me in Firefox, but does not play in Safari or Chrome. Since Safari/Chrome are based on webkit, I would suspect something is wrong with the embedding code. I don't have IE to test, but, I am 95% sure that you need the <object> tags to embed flash for IE.

From their wizard: http://www.longtailvideo.com/support...r-setup-wizard

Code:

<script type='text/javascript' src='swfobject.js'></script>
 
<div id='mediaspace'>This text will be replaced</div>
 
<script type='text/javascript'>
  var so = new SWFObject('player.swf','mpl','470','320','9');
  so.addParam('allowfullscreen','true');
  so.addParam('allowscriptaccess','always');
  so.addParam('wmode','opaque');
  so.addVariable('file','http://www.exquisiteangelz.com/trailer.flv');
  so.write('mediaspace');
</script>

or, if you want to use the object/embed mode:

Code:

<object classid='clsid:D27CDB6E-AE6D-11cf-96B8-444553540000' width='470' height='320' id='single1' name='single1'>
<param name='movie' value='player.swf'>
<param name='allowfullscreen' value='true'>
<param name='allowscriptaccess' value='always'>
<param name='wmode' value='transparent'>
<param name='flashvars' value='file=http://www.exquisiteangelz.com/trailer.flv'>
<embed
type='application/x-shockwave-flash'
id='single2'
name='single2'
src='player.swf'
width='470'
height='320'
bgcolor='undefined'
allowscriptaccess='always'
allowfullscreen='true'
wmode='transparent'
flashvars='file=http://www.exquisiteangelz.com/trailer.flv'
/>
</object>

Should allow it to work in all browsers. So, with that fixed, then it is on to protecting your content. Since the url is in the open, someone could do a view source and download the content directly. What you would need to do is write a short plugin to protect the url by encoding it in some manner, and allow the player to decode that to find the original URL. You'll stop the honest porn surfers from finding the source, but, anyone running livehttpheaders or any similar plugin will be able to see the source url as the browser must ultimately pull that content.

the .htaccess protection would work if you were providing a direct link to the content, but, someone could just cut and paste the url.

On the server side, you could switch to lighttpd which does handle FLV streaming, and use something like:

http://redmine.lighttpd.net/projects...BeforeDownload

which is a different method of protecting the content. You would set up the one directory as the trigger, and any request to access the protected content would be denied unless the trigger had been set. Of course, if they have viewed the site and set the trigger, they could easily view the source and download the content.

2010-01-18, 12:25 PM	#8
cd34 a.k.a. Sparky Join Date: Sep 2004 Location: West Palm Beach, FL, USA Posts: 2,396	First issue, your embedding is wrong for IE. IE doesn't support embedding the same way that Firefox/Safari does. The video does play for me in Firefox, but does not play in Safari or Chrome. Since Safari/Chrome are based on webkit, I would suspect something is wrong with the embedding code. I don't have IE to test, but, I am 95% sure that you need the <object> tags to embed flash for IE. From their wizard: http://www.longtailvideo.com/support...r-setup-wizard Code: <script type='text/javascript' src='swfobject.js'></script> <div id='mediaspace'>This text will be replaced</div> <script type='text/javascript'> var so = new SWFObject('player.swf','mpl','470','320','9'); so.addParam('allowfullscreen','true'); so.addParam('allowscriptaccess','always'); so.addParam('wmode','opaque'); so.addVariable('file','http://www.exquisiteangelz.com/trailer.flv'); so.write('mediaspace'); </script> or, if you want to use the object/embed mode: Code: <object classid='clsid:D27CDB6E-AE6D-11cf-96B8-444553540000' width='470' height='320' id='single1' name='single1'> <param name='movie' value='player.swf'> <param name='allowfullscreen' value='true'> <param name='allowscriptaccess' value='always'> <param name='wmode' value='transparent'> <param name='flashvars' value='file=http://www.exquisiteangelz.com/trailer.flv'> <embed type='application/x-shockwave-flash' id='single2' name='single2' src='player.swf' width='470' height='320' bgcolor='undefined' allowscriptaccess='always' allowfullscreen='true' wmode='transparent' flashvars='file=http://www.exquisiteangelz.com/trailer.flv' /> </object> Should allow it to work in all browsers. So, with that fixed, then it is on to protecting your content. Since the url is in the open, someone could do a view source and download the content directly. What you would need to do is write a short plugin to protect the url by encoding it in some manner, and allow the player to decode that to find the original URL. You'll stop the honest porn surfers from finding the source, but, anyone running livehttpheaders or any similar plugin will be able to see the source url as the browser must ultimately pull that content. the .htaccess protection would work if you were providing a direct link to the content, but, someone could just cut and paste the url. On the server side, you could switch to lighttpd which does handle FLV streaming, and use something like: http://redmine.lighttpd.net/projects...BeforeDownload which is a different method of protecting the content. You would set up the one directory as the trigger, and any request to access the protected content would be denied unless the trigger had been set. Of course, if they have viewed the site and set the trigger, they could easily view the source and download the content. __________________ SnapReplay.com a different way to share photos - iPhone & Android