How to secure flash player src in asp.net

Question

0.00/5 (No votes)

See more:

I am working on a portal that will allow the authorized users to watch different TV channels. The TV channels details along with its basic info and video link also saved in the database. In the TVChannels form, I am using GridView to display the channels. When user click on a channel, I am getting ChannelLink string variable (which is video link) on ClickEvent from Database and then add flash player controls to a panel along with link in below code:

C#

Panel1.Controls.Add(new LiteralControl("<object width=\"100%\" height=\"100%\">"));
Panel1.Controls.Add(new LiteralControl("<param name=\"movie\" value=\"http://fpdownload.adobe.com/strobe/FlashMediaPlayback.swf\"></param>"));
Panel1.Controls.Add(new LiteralControl("<param name=\"flashvars\" value=\"src=" + ChannelLink+ "&controlBarMode=floating&autoPlay=true&streamType=live&scaleMode=stretch\"></param>"));
Panel1.Controls.Add(new LiteralControl("<param name=\"allowFullScreen\" value=\"true\"></param>"));
Panel1.Controls.Add(new LiteralControl("<param name=\"allowscriptaccess\" value=\"always\"></param>"));
Panel1.Controls.Add(new LiteralControl("<embed src=\"http://fpdownload.adobe.com/strobe/FlashMediaPlayback.swf\" type=\"application/x-shockwave-flash\" allowscriptaccess=\"always\" allowfullscreen=\"true\" width=\"100%\" height=\"100%\" flashvars=\"src=" +ChannelLink + "&controlBarMode=floating&autoPlay=true&streamType=live&scaleMode=stretch\"></embed></object>"));

The Video embed and played successfully in this way. BUT the problem is my Video Links are exposed to any one and that can be reused easily by viewing the html source of Flash player. So please help me how to secure my video links?

Posted 15-Feb-14 9:07am

Zahid Khan Kakar

Add a Solution

Comments

Zahid Khan Kakar 16-Feb-14 7:13am

I am already using authorized users to view the channels. But a user can check the video/channel link by inspecting element or html source. So I want to safe link in embedded video player src.

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Krunal Rohit · Answer 1 · 2014-02-15T17:25:00

Solution 1

You should put a check that the user is authenticated or not. You should have authentication be checked on a Page_Load event,
Refer
HttpRequest[^] and
HttpRequest.IsAuthenticated[^]

Good Luck :)
-KR

Posted 15-Feb-14 17:25pm

Krunal Rohit

v2