Paid video content 
October 3rd, 2008, 12:05 PM
| | | |
Hi!
I'd like to produce video content that can be integrated into a
customers website on a pay-per-view or flat rate basis (linked to my
own video server).
How can I programmatically prevent 3rd party abuse (i.e. ensure that
only clicks onto the customers website are counted and nobody can
"hijack" the link)?
Thanks for your ideas.
Andreas
|
October 3rd, 2008, 05:55 PM
| | | | re: Paid video content
Andreas Müller wrote: Quote:
Hi!
>
I'd like to produce video content that can be integrated into a
customers website on a pay-per-view or flat rate basis (linked to my
own video server).
>
How can I programmaticly prevent 3rd party abuse (i.e. ensure that
only clicks onto the customers website are counted and nobody can
"hijack" the link)?
>
Thanks for your ideas.
Andreas
| Threats?
Perhaps Flash? |
October 3rd, 2008, 07:05 PM
| | | | re: Paid video content
RickMerrill wrote: Quote:
Andreas Müller wrote: Quote:
>Hi!
>>
>I'd like to produce video content that can be integrated into a
>customers website on a pay-per-view or flat rate basis (linked to my
>own video server).
>>
>How can I programmaticly prevent 3rd party abuse (i.e. ensure that
>only clicks onto the customers website are counted and nobody can
>"hijack" the link)?
>>
>Thanks for your ideas.
>Andreas
| >
Threats?
>
Perhaps Flash?
>
|
A clever person would be able to sniff packets coming in an out, find
the urls, and then publish them.
If you can use a server side language (php, ruby, python) you can set up
a script to deliver the video and control access from there. |
October 5th, 2008, 07:45 AM
| | | | re: Paid video content
On 3 Okt., 20:05, Carl <c...@never.comwrote: Quote:
If you can use a server side language (php, ruby, python) you can set up
a script to deliver the video and control access from there.
| Already thought it would go that way... Can you be a little more
specific, please? :-) How would I authenticate a request coming from a
customer's website? Referrers can be faked...
Best regards,
Andreas |
October 7th, 2008, 01:05 AM
| | | | re: Paid video content
Andreas Müller wrote: Quote:
On 3 Okt., 20:05, Carl <c...@never.comwrote: Quote:
>If you can use a server side language (php, ruby, python) you can set up
>a script to deliver the video and control access from there.
| >
Already thought it would go that way... Can you be a little more
specific, please? :-) How would I authenticate a request coming from a
customer's website? Referrers can be faked...
>
Best regards,
Andreas
|
First of all, you could check reverse the IP address of the incoming
request to see if the top level domain matches up with the customer.
Alternateively, you could simply require a POST or GET variable when the
request is made, and have the connection over a secure line. |
October 7th, 2008, 03:05 AM
| | | | re: Paid video content
Andreas Mller wrote: Quote:
On 3 Okt., 20:05, Carl wrote: Quote:
>If you can use a server side language (php, ruby, python) you can set up
>a script to deliver the video and control access from there.
| >
Already thought it would go that way... Can you be a little more
specific, please? :-) How would I authenticate a request coming from a
customer's website? Referrers can be faked...
| As Carl indicated, you'll want to store the IP address, and use a couple
other techniques. Create a unique cookie, make them enable cookies.
Some other things that will help include tracking what type of web-browser,
you can make it Internet Explorer only (although browsers can dupe such
things) but this may make frustrate some people... probably those hackers
that want to steal, heh?
Set short lives on the cookies/posts/gets. Create variable named GET tags
that only last for short durations.
--
Jim Carlock
You Have More Than Five Senses http://www.associatedcontent.com/art...ve_senses.html
Ralph Nader For President Again! Lose the Bush followers. No to McCain. http://www.votenader.org/ |
October 7th, 2008, 08:45 AM
| | | | re: Paid video content
Hi!
Thanks for your ideas.
On 7 Okt., 01:56, Carl <c...@never.comwrote: Quote:
First of all, you could check reverse the IP address of the incoming
request to see if the top level domain matches up with the customer.
| But... Isn't the request coming from the user's computer? So I'll get
the surfer's IP and not the one of the customer's website? Quote:
Alternateively, you could simply require a POST or GET variable when the
request is made, and have the connection over a secure line.
| So I make the customer's website tunnel the video-content instead of
linking to the video server directly
Best regards,
Andreas |  |
| | |  /bytes/about
We are a network of experts and professionals in IT and software development that help one another with answers to tough questions and share insights.
Get the best answers to your questions from over 225,689 network members.
|
