Ask HN: How to defend the source of a html5 audio/video player

[dennismart]

I have spent some time thinking on how to build a html5 audio/video player that will actually hide the source of the content in a secure and efficient way.

I have some ideas but the all are about making the source use very restricted not about hiding it. Is this the way to go or do you have any other ides?

Thanks -Dennis Mårtensson

[gknoy]

The bits need to come from somewhere, and your player will need to decode / un-obfuscate that. If it gets used enough, some enterprising person will open it up their debugging tools and figure out the way that you obfuscate the source URL. This is the same issue that DRM has: trying to prevent your user from using the info you're sending them is only winnable in the short term, and impossible to win in the long term.

You might be better off having the content gated with authentication: here's your random token, good luck downloading someone else's stuff. Past that, why do you care whether the source of the content is hidden? Does it matter whether someone uses your player or wget to get the same bits?

[byoung2]

Conceptually, I don't think it's possible with HTML5. Eventually, the browser is going to open a connection to the resource, and then the user can see it in FireBug. You could hide it with Flash, but you'd have other problems with compatibility on mobile devices. You might be able to do it with a proxy too, but then the proxy would be visible. Not sure if that suits your needs.