Restrict Download Video
How to Restrict Download Video by HTML source
Please let me know
1 Community Answers
Randy
JW Player Support Agent
0
rated :
Hello,
Thank you for your interest in data encryption of your video stream. We have a few options you should consider when encrypting content:
Requires an ENTERPRISE Account
https://support.jwplayer.com/customer/portal/articles/1430261-aes-content-protection
AES Encryption
Your stream would need to be encrypted on the deliver side from a CDN such as Wowza and that key will then be decrypted by the JW Player embed.
The Enterprise edition has the ability to decrypt stream segments that are encrypted with AES-128. When encryption is used, the m3u8 playlist file needs to reference the corresponding key file so that the JW Player can retrieve the keys for decryption. The using the aestoken configuration, the player can also pass a token to the key request URI, enhancing the security of AES.
JW Player supports three modes for decoding encrypted segments:
1. The key can rotate per fragment or be the same.
2. The key can be hosted externally or be embedded within the index file.
3. Custom initialization vectors (IVs) can be used.
Note: JW Player does not support SAMPLE-AES.
Sample Code from an HLS stream with AES exception turned on:
#EXTM3U
#EXT-X-TARGETDURATION:10
#EXT-X-VERSION:3
#EXT-X-MEDIA-SEQUENCE:0
#EXT-X-PLAYLIST-TYPE:VOD
#EXTINF:10,
#EXT-X-KEY:METHOD=AES-128,URI=“key”,IV=0×1c341b1db8ff5399501511a99c8c7d14
fileSequence0.ts
#EXTINF:10,
fileSequence1.ts
#EXT-X-ENDLIST
Sample Code from the JW Player Setup Block
var playerInstance = jwplayer(“myElement”);
playerInstance.setup({
file: ‘sample_aes_stream.m3u8’,
aestoken: ‘EXAMPLE_AES_TOKEN’
});
URL (Token) Signing
The JW Player dashboard and the Platform API contain a security feature that enables you to lock down public access to videos and/or players. When either videos or players are secured, they can only be requested through so-called signed URLs. These URLs are valid for a short time, so people stealing your video or embed codes will soon end up with broken links.
URL Signing is a very common content protection mechanism and essentially works as follows:
• You calculate a signature based on the required expiration time, the path of the link, and the secret key of your account.
• In the video request to our content server you send us the path of the link, the required expiration time and the signature that you generated.
• We know your secret key too, so we calculate a signature based on the path of the link, the expiration time and your secret key.
• If the signature that we calculated is the same as the one you sent us, and the the expiration time is still in the future, our contentserver will then serve up the content that was requested.
• If the signature doesn’t match, or the timestamp is outdated, we deny the request.
You would also need to activate URL signing in the dashboard via the Properties Cog Wheel.
Please let me know if this works for you or if you have any additional questions.
Kindly,
Randy Lemoine
This question has received the maximum number of answers.