I am trying apply some protection for videos played inside website from being downloaded by other than the player itself.
I figured out the following solution to do
In view file :
@php
$token = uniqid ();
Session::put('videoToken',$token);
@endphp
<video id="my-video" class="video-js" controls preload="auto" width="800" height="450"
poster="" data-setup="{}">
<source src="?token=$token" type='video/mp4'>
<p class="vjs-no-js">
To view this video please enable JavaScript, and consider upgrading to a web browser that
<a href="http://ift.tt/1n3ZgSJ" target="_blank">supports HTML5 video</a>
</p>
</video>
videoView Route:-
Route::get('/video/{id}',function(Request $request){
if ($request->token == Session::get('videoToken'))
{
$post = Post::find($id);
return response()->download($post->path, 'vid.mp4');
}
else{
die();
}
})->name('videoView');
Well, for the above coding , i will make sure that the video file is only generated if $token verified , how can i add extra layer to verify if request is coming from the page where player is, so any one if try to access that video by using the URL : http://ift.tt/2zNqryE , it wont work.
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire