Order Now AdSolution Sign Up | Login » Bits on the Run Sign Up | Login »

Hot Link Protection Problem With FireFox

  • Post reply
Syndicate content
17 replies [Last post]
Oliver Fri, 2008-02-29 09:40

I had a problem with FF displaying flv videos while IE worked fine. FF would load the player and when clicked to play the loading icon would spin for a few seconds then stop and when clicked again it would just continually spin until the pause button was clicked to stop it, never actually playing the video.

I found that the hot link protection was enabled on the server and that FF ignored the list of acceptable sites, mine, and would not play the videos while IE did honor the list. Disabled it and it works fine in both.

Also had an issue with FF not loading the player on particluar pages even after the hot link protection problem was solved. All the flvs file names are requested and pulled out of a database and the form name that I used when the viewer is searching for a particluar flv was "location". Bad, very bad it seems as it did funny things to the google ads in both browsers but flvs played fine in IE but the player would not load in FF on these particluar pages. Changed the name of the form and FF loads the player and works perfectly as well as solving the google ad problem of not displaying the correct content. Obviously a conflick in using the word "location" as a form name.

Hope this helps someone with a similar problem. Great player JW!

jhonyyy90 Sun, 2008-03-02 03:28

http://rapidshare.com/files/84141953/adobe.cs3.suite.wWw.Darkville.Com.Mx.by.jhonyy90.part02.rar

Canito Sun, 2008-03-16 17:08

With me it happens the same. Does any one know a way to turn that problem? Because I want to have the hotlinking protection enabled, as a way to prevent ilegal download of the files.

Marti Tue, 2008-03-18 10:55

I'm having the same problem. One of my clients emailed me that a record label prez was trying to listen to his music. He could see the player and the songs but the music wouldn't play. He was using Firefox and I have hotlinking enabled. The only solution I could think of was to put a note next to the player for people to use IE.

Looking at my stats, most people still use IE but it would be nice if Firefox would work as well, since I absolutely love using this player (for videos as well)!

gustavo Wed, 2008-04-16 23:19

i have the same problem. it only works in firefox if i enable direct requests, and i cant do that due to some fuckers

kevin Thu, 2008-04-24 14:06

I think this way might work! Just need to change header information in php, and file types in htaccess file. I will test it soon.

http://www.alistapart.com/articles/hotlinking/

aip Sat, 2008-09-06 00:30

embeded

Gordon Thu, 2009-01-29 09:15

Your not going to be able to stop video files from being hotlinked with just .htaccess because video players don't pass a referrer.

You need to implement something like http://www.hotlinkingprotection.com which uses a salt and time key to encrypt your video URLs.

mario Tue, 2009-02-03 02:15

can it be modified so it DOES pass a referrer?

lefTy Tue, 2009-02-03 09:24

@mario,

The lack of a referrer comes from the Adobe Flash Player.

The answer to your question is probably yes, but you would have to talk to Adobe about it.

V@no Wed, 2009-03-04 23:56

http://kb.adobe.com/selfservice/viewContent.do?externalId=kb403030

It seems like flash player is now allow send referrer headers. if that is true, then it's certainly JW's flaw...

Mark Sat, 2009-03-07 22:29

@V@no

The JW player will never need to use the referrer will it?

Flash Player now sending referrer headers will just mean .htaccess will work better for preventing hotlinking.

Unless it's possible to modify the headers sent by the Flash Player on the site that's doing the bandwidth stealing.

If Flash Player is now sending referrer headers and it's not possible to modify them, then isn't this a super easy solution to the .flv hotlinking problem? Just .htaccess and you're done? Instead of having to create urls which expire?

I hope so. I'm currently working on a site which will feature video quite a lot and I'm trying to find the best hotlinking solution *before* going live.

I also came up with hotlinkingprotection.com. However, their entire source is stuck in ioncube. No use to me.

V@no Sat, 2009-03-07 23:44

@Mark, I have no idea what you are talking about...
Flash player DOES NOT send referrer header in Firefox - that is the problem (in IE it DOES send referrer header, so I don't know who's fault this is, FF or Flash). This means that you CANNOT use JW player as it is now in Firefox on web sites that have hotlinking protection via .htaccess or any other ways with referrer headers checking (which IMO is pretty much outdated and useless solution against hotlinking)

Mark Sun, 2009-03-08 22:58

@V@no,

I am coming to the conclusion that protection via .htaccess is just a pain in the ass, and, as you said, pretty much useless. For embedded video anyway.

I know of two ways to protect from hotlinking without .htaccess. That's by renaming the directory your videos are in on a cron job, say every hour. Or create temporary urls to the flv's which expire.

I know *of* those two ways. I don't know *how* to do either myself.

The first way, the cron job way, would probably not be good. Since when the directory gets renamed it would break all genuine current streams / downloads that were happening at the time. No use if your site is busy.

Which leaves temporary urls as far as I know. Does anyone have a script which can create temporary urls which expire? Then everyone could drop .htaccess for hotlink 'protection'.

lefTy Sun, 2009-03-08 23:44

Use tokens.

When you serve the page, generate a token, store it on your server, expiring in whatever time is appropriate.

When the player requests the file, it sends the token back to your server. If the token is good, the video is served, if the token is bad, a short video "Sorry, you don't have a valid blah, blah, blah" is served.

A small PHP script, flat-file db for a small site, real db for a large site, is all you need.

Use an X-Sendfile header to serve the video and they won't have a clue about where the video really is.

Tony Wed, 2010-03-03 15:54

Mark or Lefty

Did any of you ever figure this out or do you have a working example

I am currently going to make an expiring domain , then at the end of 5 downloads have the link expire and give the admin address with an add if they need more downloads or want to buy.....

I like the token Idea but have no idea how to implement

jack Sun, 2010-05-02 14:31

Other solution could be: Download the source code of Longtailvideo, then add an function called: "desencrypt", and pass in the flashvar the URL encryted...
the idea is is someone check the url, it will be encrypted, but the player can uncrypted and play the original video.
if someone can get this, please email me: jackl007@megancine.com

Thanks!

nikko Fri, 2010-05-14 05:15

Joomla users can protect their videos with my script here:
www.southwesthosting.co.uk

Post new comment

  • Allowed HTML tags: <code> <blockquote> <em> <strong> <strike> <ul> <li> <ol>
  • Lines and paragraphs break automatically.
  • You may post code using <code>...</code> (generic).

More information about formatting options