2

I am using an video embed code (Similar to youtube's embed code) and I would like to Encrypt or hash a part of the code (The Video id or filename of the video). It is important to me that a user that views the source code of the page wont be able to view those items. Is there a way I can do so? Any recommendation?

I'd add that my site is using php.

For example, here is an youtube embed code:

<object width="420" height="315"><param name="movie" value="http://www.youtube.com/v/fRgWBN8yt_E?hl=en_US&amp;version=3"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="http://www.youtube.com/v/fRgWBN8yt_E?hl=en_US&amp;version=3" type="application/x-shockwave-flash" width="420" height="315" allowscriptaccess="always" allowfullscreen="true"></embed></object>

Lets say I would want to change the part:

value="http://www.youtube.com/v/fRgWBN8yt_E?hl=en_US&amp;version=3">

Into:

value="sdfj8435437fjdfs8458543(Some Kind of hashing or encryption)">

Thanks,

Nimi

Improve this question
7
  • 3
    See my answer here. To paraphrase: "Always remember: if the browser can show it, anyone can copy it, you can only make it (a tiny bit) harder." Commented May 21, 2013 at 13:53
  • iwebtool.com/html_encrypter is this what you're searching for? Commented May 21, 2013 at 13:54
  • Your only option may be to dynamically generate a key in the HTML response that gets passed to the video resource. Then in the server's handler for the video, validate the key. Keys can expire after a certain amount of time, certain number of uses, etc. In the end, users can still use it at least at first. You'll end up looking for a balance between development effort, user aggravation, and security. Commented May 21, 2013 at 13:55
  • you can't have things looking like one thing in source code inspection and other when being executed by the browser. That's how html rolls Commented May 21, 2013 at 13:55
  • 1
    @jakee well actually that IS possible. You can write one thing in the HTML, and then decrypt/decode it using JS at runtime. 'View Source' will show the encrypted code, but the element inspector will always show the decrypted one. What OP wants is possible, just terribly pointless. Commented May 21, 2013 at 13:57

3 Answers 3

Reset to default
9

That is completely, fundamentally impossible.

No matter what you do, the user can see the final result in the inspector or network tab.

Instead, you can place a single-use token in the URL so that it will only work once.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

That answer was blessed by SLaks's powers.
-1

I assume you don't want the user to find the video in YouTube or some other video sharing platform.

Well, that is indeed impossible if the video is open to the public. Instead, consider using Vimeo Plus, where you can hide the uploaded videos from the public and only allow embedding in a white list of predefined URLs

Improve this answer

Comments

-1

Step -1 ) Convert ASCII VALUE To Hexadecimal

ASCII VALUE - http://www.youtube.com/v/fRgWBN8yt_Ehl=en_US&version=3

HexaDecimal VALUE - 68 74 74 70 3a 2f 2f 77 77 77 2e 79 6f 75 74 75 62 65 2e 63 6f 6d 2f 76 2f 66 52 67 57 42 4e 38 79 74 5f 45 3f 68 6c 3d 65 6e 5f 55 53 26 61 6d 70 3b 76 65 72 73 69 6f 6e 3d 33

Step - 2) Replace Spaces with % ie - 68%74%74%70%3a%2f%2f%77%77%77%2e%79%6f%75%74%75%62%65%2e%63%6f%6d%2f%76%2f%66%52%67%57%42%4e%38%79%74%5f%45%3f%68%6c%3d%65%6e%5f%55%53%26%61%6d%7%3b%76%65%72%73%69%6f%6e%3d%33

step - 3) use javascript function unescape('68%74%74%70%3a%2f%2f%77%77%77%2e%79%6f%75%74%75%62%65%2e%63%6f%6d%2f%76%2f%66%52%67%57%42%4e%38%79%74%5f%45%3f%68%6c%3d%65%6e%5f%55%53%26%61%6d%7%3b%76%65%72%73%69%6f%6e%3d%33');

step -4 ) example - unescape('%67%6f%6f%67%6c%65%2e%63%6f%6d')">Test i.e these is for opening google.com

in your case use

<object width="420" height="315"><param name="movie" value="<script>unescape('68%74%74%70%3a%2f%2f%77%77%77%2e%79%6f%75%74%75%62%65%2e%63%6f%6d%2f%76%2f%66%52%67%57%42%4e%38%79%74%5f%45%3f%68%6c%3d%65%6e%5f%55%53%26%61%6d%7%3b%76%65%72%73%69%6f%6e%3d%33</script>"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="http://www.youtube.com/v/fRgWBN8yt_E?hl=en_US&amp;version=3" type="application/x-shockwave-flash" width="420" height="315" allowscriptaccess="always" allowfullscreen="true"></embed></object>

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.