Crea teamAggiungi la tua APIDocumenti
Accedi
Iscriviti

Webtor

PAGATO
Da Pavel Tatarskiy | Aggiornamento 3 महीने पहले | Tools
Popolarità

8.2 / 10

Latenza

13,633ms

Livello di servizio

92%

Health Check

N/A

Torna a tutte le discussioni

Link Protection/CORS?

Rapid account: Jontstaz
jontstaz
एक वर्ष पहले
Hi,

I like the API, I've gotten it to work now. However, I noticed there's no restrictive CORS policy on the actual M3U8 stream files. Since this will be used within an HTML <video src=""> tag, the m3u8 URL would be easily available via inspect-element. So users could potentially take the link and embed it on their website with no issues. How can this be prevented? Is it possible to create some sort of protection? Eg. add a new parameter "host" where you can pass the domain/host name from where you'll be hosting the stream so it can only be used where defined.

Thanks in advance,
Rapid account: Jontstaz
jontstaz Commented एक वर्ष पहले

Hmm are these options adjustable at all? I feel like 7 days is too long and 10 different users is far too many considering that 1 link should theoretically be for 1 user. Personally I’d find 24hr duration + 2 different IP/UserAgents more acceptable.

Thanks for your response, I appreciate it.

Rapid account: Vintikzzzz
vintikzzzz Commented एक वर्ष पहले

Hi! Every link has special token in JWT format, that restricts:

  1. Duration of link usage (only one week)
  2. Number of sharing, same link can be use only from 10 different combinations of IP and UserAgent

You have noticed good problem, that was noticed and fixed earlier. There were a lot of treats like this.

Partecipa alla discussione - aggiungi un commento di seguito:

Accedi/Iscriviti per pubblicare nuovi commenti