Part 1 — A Summary
Part 4 — Serving Secure Content to Users
Over the past 1 year I have been working for Great Learning, an ed-tech startup with the technology team based out of Bangalore. One of the things we do is serving high quality learning content online. We generally do that by hosting them on Wistia. After that we can use the embed links provided by Wistia on our pages and serve them via our Learning Management System.
One of the major drawbacks of this is people can easily download these videos by looking up various hacks over the Internet, and as a business we wanted our videos to be secure and extremely hard to be able to download. I was tasked to implement this.
In this series of blogs will be going through what I learnt, and in turn I will be helping you out in implementing this in your own websites and businesses, so you can also keep your content safe from downloads.
A Summary of what we will be doing:
HLS is a streaming protocol to serve live HTTP streams. Those streams can be encrypted and the media player on a webpage can decode them at run time by accessing a data key. HLS encoded files create .m3u8 playlist and .ts media files. We store those files in our s3 bucket. Every file is public other than our master playlist m3u8 file, which is private. We access the master playlist file through signed URLs.
We use Elastic Transcoder to generate .m3u8 and .ts files out of our media files and store them in a S3 bucket. We configure and use cloudfront appropriates to serve media to our clients. A Referer check using WAF is used to prevent accessing master playlist through normal means.
We generate a data key for each done processed and save it in our own domain. This key will be used by the media player to decrypt the incoming encrypted .ts files.
The data key is requested by the video player at run time and is served by looking up the URL location mentioned in the playlist files.
Note : HLS is not supported natively on Chrome and Firefox. Only Safari supports it natively. We will use the HLS.js library to play these videos on Chrome and Firefox.
The above information can be tough to digest at the first look, but I urge you not to get bogged down right now. It’s ok if you don’t understand it, because the series of posts that come after this one will explain everything in detail. You can also reach out to me incase you have any questions or have something interesting to add here.