10 ways to encrypt and prevent downloading of in-house training courses and paid courses on online education platforms:
Example demonstration: Course video - Lesson 1 Adverbial Clauses, VRM demonstration application
In-house training courses and paid courses on online education platforms, how do they encrypt their video courses? We have compiled 10 ideas for your reference:
1.VRM fragmented out-of-order video encryption
Distributed coding technology is used to physically slice video files, and each video is encrypted with a mixture of multiple algorithms. At the same time, combined with an independently developed codebook, the key data is mixed out of order, and the video files are encrypted at the highest level. In this way, the encrypted Even if the video content is downloaded, it cannot be redistributed maliciously, making it twice as difficult to crack the video.
2.Html5 full-link video encryption
The common H5 encryption on the market adopts the standard Apple HLS Encryption video protection mechanism. On this basis, we carry out in-depth optimization, deeply encrypt the key, and simultaneously achieve double encryption of the video player and video data files to form a terminal End-to-end full-link video security protection means that even if the video file is stolen, other applications will not be able to play it, making the video more secure.
Example of our encrypted call method:
<div id="player"></div>
<script src="//player.polyv.net/script/player.js"></script>
<script>
var player = polyvPlayer({
wrap: '#player',
width: 800,
height: 533,
vid: '88083abbf5bcf1356e05d39666be527a_8',
playsafe:'81814fed-bdd0-4506-bec1-ebc8093148c5-hfevwsfxcsbcocx',
//playsafeUrl:'https://myDomain.com/token', // 业务方自定义的获取播放凭证接口URL,与playsafe参数二选一
ts:'1568131545000',
sign:'88313661ba7ded642c7b557b0a364b4b'
});
//切换加密视频时,需要重新获取播放凭证。如果初始化播放器时使用了playsafeUrl参数,则播放器会自动获取新的凭证,无需传playsafe参数。
player.changeVid({
vid: '88083abbf5bcf1356e05d39666be527a_9', //需要切换的视频vid
playsafe: '81814fed-bdd0-4506-bec1-ebc8093148c6-hfevwsfxcsbcocx', //新获取的playsafe token
sign: '88313661ba7ded642c7b557b0a364b4c', //新获取的sign和ts参数
ts: '1568131545001'
});
</script>
Before playing encrypted videos on a web page, you need to access the business's own server-side authorization verification interface (you can add your own business's authorization verification logic here, such as whether to log in, whether to purchase courses, etc. It is recommended to use HTTPS). If playback is allowed in the business, the playback credentials are obtained by creating a Playsafe Token interface (or the sign and ts parameters are generated on the server side) and returned to the web player.
Code example for server-side generation of playback credentials:
// 接口中应附带自有业务的授权验证逻辑,如判断是否登录、是否购买课程等
// 以下为生成播放凭证的代码示例
function get_client_ip() {
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$ipaddress = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ipaddress = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ipaddress = $_SERVER['REMOTE_ADDR'];
}
return $ipaddress;
}
$userId = 'your userId'; // 保利威点播账号的userId
$secretkey = 'your secretkey'; // 保利威点播账号的secretkey
$videoId = '88083abbf5bcf1356e05d39666be527a_8'; // 视频vid
$ts = time() * 1000; // 时间戳
$viewerIp = get_client_ip(); // 观众ip
$viewerId = '12345'; // 观众id
$viewerName = 'testUser'; // 观众昵称, 若值为中文需要urlencode('张三')
$extraParams = 'HTML5'; // 自定义扩展参数
$disposable = false // true 表示 token 仅一次有效。false 则表示在有效期内可以多次验证。默认为 false。
/* 将参数 $userId、$secretkey、$videoId、$ts、$viewerIp、$viewerIp、$viewerId、$viewerName、$extraParams按照ASCKII升序 key + value + key + value ... +value 拼接
*/
$concated = 'extraParams'.$extraParams.'ts'.$ts.'userId'.$userId.'videoId'.$videoId.'viewerId'.$viewerId.'viewerIp'.$viewerIp.'viewerName'.$viewerName;
// 首尾加上secretkey值
$plain = $secretkey.$concated.$secretkey;
// 取大写MD5
$sign = strtoupper(md5($plain));
// 然后将下列参数用post请求 https://hls.videocc.net/service/v1/token 获取 token
$url = 'https://hls.videocc.net/service/v1/token';
$data = array('userId' => $userId, 'videoId' => $videoId, 'ts' => $ts, 'viewerIp' => $viewerIp, 'viewerName' => $viewerName, 'extraParams' => $extraParams, 'viewerId' => $viewerId, 'sign' => $sign);
$options = array(
'http' => array(
'header' => "Content-type: application/x-www-form-urlencoded",
'method' => 'POST',
'content' => http_build_query($data)
)
);
$context = stream_context_create($options);
$result = file_get_contents($url, false, $context);
// 获取接口返回结果中的token值, 并传给播放器播放加密视频
$token = json_decode($result)->data->token;
echo $token;
Java SpringMvc code:
@ResponseBody
@RequestMapping("/playerSafe")
public String playerSafe(HttpServletRequest request) {
String userId = "your userId"; // 保利威点播账号的userId
String secretkey = "your secretkey"; // 保利威点播账号的secretkey
String videoId = "88083abbf5bcf1356e05d39666be527a_8"; // 视频vid
long ts = System.currentTimeMillis(); // 时间戳
String viewerIp = getClientIp(request); // 观众ip
String viewerId = "12345"; // 观众id
String viewerName = "testUser"; // 观众昵称, 若值为中文需要urlencode('张三')
String extraParams = "HTML5"; // 自定义扩展参数
boolean disposable = false; // true 表示 token 仅一次有效。false 则表示在有效期内可以多次验证。默认为 false。
/* 将参数 userId、secretkey、videoId、ts、viewerIp、viewerIp、viewerId、viewerName、extraParams按照ASCKII升序 key + value + key + value ... +value 拼接
*/
String concated = "extraParams" + extraParams + "ts" + ts + "userId" + userId + "videoId" + videoId + "viewerId" + viewerId + "viewerIp" + viewerIp + "viewerName" + viewerName;
// 首尾加上secretkey值
String plain = secretkey + concated + secretkey;
// 取大写MD5,可自行选择md5库
String sign = md5Hex(plain).toUpperCase();
// 然后将下列参数用post请求 https://hls.videocc.net/service/v1/token 获取 token
String url = "https://hls.videocc.net/service/v1/token";
Map<String, String> params = new HashMap<>();
params.put("userId", userId);
params.put("videoId", videoId);
params.put("ts", String.valueOf(ts));
params.put("viewerIp", viewerIp);
params.put("viewerName", viewerName);
params.put("extraParams", extraParams);
params.put("viewerId", viewerId);
params.put("sign", sign);
// 可自行选择http客户端
String response = HttpClientUtil.getInstance().sendHttpPost(url, params);
try {
//解析json
ObjectMapper objectMapper = new ObjectMapper();
TokenResponse tokenResponse = objectMapper.readValue(response, TokenResponse.class);
// 响应代码,200为成功,403为ts过期或签名错误,400为参数错误(例如缺少 userId 或 videoId)
if (tokenResponse.getCode() == 200) {
Map data = (Map) tokenResponse.getData();
return data.get("token").toString();
}
} catch (IOException e) {
e.printStackTrace();
}
return "";
}
static class TokenResponse {
int code;
String status;
String message;
Object data;
//省略getter、setter...
}
public String getClientIp(HttpServletRequest request) {
String ip = request.getHeader("x-forwarded-for");
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
}
return ip;
}
3. User ID ticker
Set user I's ID, phone number or other information to run irregularly on the video (for tracing pirates). The ID marquee function refers to setting text content (usually the ID information of the viewer) to scroll irregularly on the video to warn pirates and achieve the effect of video copyright protection. In the example, the user's ID and The phone number is displayed.
4.Digital dynamic watermark
The user ID, phone number or other information content is displayed on the video in the form of a dynamic watermark, so that the watermark appears irregularly on the video, which can trace the identity of the screen recorder and play a strong deterrent effect on ripping behavior.
5. Browser anti-screen recording
Through real-time monitoring of the player, if it is detected that the video is in the screen recording state or the small window is waiting for screen recording, the video will immediately stop playing, an error message will be displayed, and the video cannot continue to play.
6. Video watermark (corporate LOGO)
Add a company-specific video watermark to the video to incorporate the company's copyright information into the video to prevent pirates from stealing copyright and protect the company's intellectual property. After the video is uploaded, the company's logo icon watermark will be automatically added to the upper right corner/lower right corner of the video.
7. Domain name whitelist OVP anti-leeching
Use OVP anti-leeching technology to realize designated website playback, commonly known as domain name black and white list. Setting a whitelist for website A will only allow videos to be played under website A; setting a blacklist for website B will prohibit videos from being played under website B, which can effectively prevent user-original video resources from being illegally misappropriated.
8.ATS/HTTPS data tamper-proof
HTTPS protocol adopts HTTPS protocol, which provides website authentication and encrypted communication methods to avoid information interception and "phishing" attacks, effectively prevent web pages from being tampered with, and ensure information security between enterprises and students; ATS standard, Apple operating system follows ATS Standard, after turning on the ATS security feature, network transmission is automatically transmitted through the HTTPS protocol to ensure safe video playback.
9. Player code obfuscation and encryption
The player code is encrypted to prevent decompilation, code obfuscation, etc.
10. Disable dragging of the video progress bar
Example of prohibiting drag and drop function in HTML5 player (commonly used in scenarios: corporate training, online teaching content prohibits students from dragging videos to watch).
My article recommendations:
- [Video + Graphics] What is an online seminar? Can companies use online seminars for internal and external training?
- [Picture and text] What are the network bandwidth requirements for enterprise live broadcast?
- [Picture and text] How OBS achieves millisecond-level ultra-low latency live broadcast
- Live broadcast player API (player calling methods, parameters, interfaces and events)