I work in a museum, our website has many .MP4 videos. I changed their extensions to .MUS to make them more difficult to download (most people don't know how to right click the webpage, click the <video> tag to download it and then rename it). Videos show fine. It looks like this :
<video width='640px' height='480px' controls='controls' />
<source type='video/mp4' src='dinos.mus'> ◄█■■■
</video>
Now I moved the videos to a protected directory outside WWW, then I use PHP to read them, like this :
<video width='640px' height='480px' controls='controls' />
<source type='video/mp4' src='open_file.php?file=dinos.mp4'> ◄█■■■
</video>
And this is open_file.php :
header( "Content-Type: video/mp4" );
readfile( "/home/" . $_GET["file"] );
It works fine... until I change the extensions from .MP4 to .MUS, then the videos are no longer shown :
<video width='640px' height='480px' controls='controls' />
<source type='video/mp4' src='open_file.php?file=dinos.mus'> ◄█■■■
</video>
I don't understand why : it's the same file, I send the proper header with PHP, the <video> tag has the proper type. Actually, without PHP the <video> tag works fine with the .MUS files, so the problem seems to be PHP.
My question is : how can I read the .MUS files and send them to be interpreted as MP4?
CodePudding user response:
I think the MIME type for .MUS files is application/octet-streamheader( "Content-Type: application/octet-stream" );
CodePudding user response:
I have tested your code, the Content-Type: video/mp4 and readfile should work (it should not be related to the file extensions, imagine if you get the file data from a BLOB, it should also work)
But just if the home directory is relative ,then please use "./home/" instead of "/home/"
and
make sure that the directory / file permissions are set properly. Say make sure the home directory is EXECUTABLE (chmod a x for home directory) and the mus files are READ-PERMITTED (chmod a r for the MUS files)
So this open_file.php works:
<?php
header("Content-Type: video/mp4");
readfile("./home/" . $_GET["file"]);
?>
See a working example here:
http://www.createchhk.com/SO/testSO20Nov2021b.php
code as follows:
<video width='640px' height='480px' controls='controls' />
<source type='video/mp4' src='open_file.php?file=test2.mus'>
</video>
CodePudding user response:
This wouldn't really protect the file. You could protect the file by hosting it on another server, buffering the video, and then renaming the file for the next user, effectively deleting the file until it gets reloaded. This would take a while to code though.
A different way to do this though, would be to use blob urls. These are what YouTube uses and it stops people from easily finding the video URL.
You can use the PHP code below to do this:
<?php // php at top of page
$video = file_get_contents('./location/to/file/from/page.mp4');
$video_code = base64_encode($video);
?>
Then, where you have the video file, you can do this:
<video width='640px' height='480px' controls='controls' controlslist='nodownload' />
<source type='video/mp4' src='<?php echo $video_code; ?>'>
</video>
If anyone tries to grab the video URL and open it, it will tell them that the file has been moved. They also cannot download the file. I would also recommend adding oncontextmenu='return false;' to the video for a bit more security.