Paid video content

**RickMerrill** · Oct 3 '08, 04:55 PM

Re: Paid video content

Andreas Müller wrote:

Hi!
>
I'd like to produce video content that can be integrated into a
customers website on a pay-per-view or flat rate basis (linked to my
own video server).
>
How can I programmaticly prevent 3rd party abuse (i.e. ensure that
only clicks onto the customers website are counted and nobody can
"hijack" the link)?
>
Thanks for your ideas.
Andreas

Threats?

Perhaps Flash?

**Carl** · Oct 3 '08, 06:05 PM

Re: Paid video content

RickMerrill wrote:

Andreas Müller wrote:

>Hi!
>>
>I'd like to produce video content that can be integrated into a
>customers website on a pay-per-view or flat rate basis (linked to my
>own video server).
>>
>How can I programmaticly prevent 3rd party abuse (i.e. ensure that
>only clicks onto the customers website are counted and nobody can
>"hijack" the link)?
>>
>Thanks for your ideas.
>Andreas

>
Threats?
>
Perhaps Flash?
>

A clever person would be able to sniff packets coming in an out, find
the urls, and then publish them.

If you can use a server side language (php, ruby, python) you can set up
a script to deliver the video and control access from there.

**=?ISO-8859-1?Q?Andreas_M=FCller?=** · Oct 5 '08, 06:45 AM

Re: Paid video content

On 3 Okt., 20:05, Carl <c...@never.com wrote:

If you can use a server side language (php, ruby, python) you can set up
a script to deliver the video and control access from there.

Already thought it would go that way... Can you be a little more
specific, please? :-) How would I authenticate a request coming from a
customer's website? Referrers can be faked...

Best regards,
Andreas

**Carl** · Oct 7 '08, 12:05 AM

Re: Paid video content

Andreas Müller wrote:

On 3 Okt., 20:05, Carl <c...@never.com wrote:

>If you can use a server side language (php, ruby, python) you can set up
>a script to deliver the video and control access from there.

>
Already thought it would go that way... Can you be a little more
specific, please? :-) How would I authenticate a request coming from a
customer's website? Referrers can be faked...
>
Best regards,
Andreas

First of all, you could check reverse the IP address of the incoming
request to see if the top level domain matches up with the customer.

Alternateively, you could simply require a POST or GET variable when the
request is made, and have the connection over a secure line.

**Jim Carlock** · Oct 7 '08, 02:05 AM

Re: Paid video content

Andreas Mller wrote:

On 3 Okt., 20:05, Carl wrote:

>If you can use a server side language (php, ruby, python) you can set up
>a script to deliver the video and control access from there.

>
Already thought it would go that way... Can you be a little more
specific, please? :-) How would I authenticate a request coming from a
customer's website? Referrers can be faked...

As Carl indicated, you'll want to store the IP address, and use a couple
other techniques. Create a unique cookie, make them enable cookies.

Some other things that will help include tracking what type of web-browser,
you can make it Internet Explorer only (although browsers can dupe such
things) but this may make frustrate some people... probably those hackers
that want to steal, heh?

Set short lives on the cookies/posts/gets. Create variable named GET tags
that only last for short durations.

--
Jim Carlock
You Have More Than Five Senses

http://www.associatedcontent.com/article/381163/more_than_five_senses.html

Ralph Nader For President Again! Lose the Bush followers. No to McCain.

Ralph Nader for President in 2008

http://www.votenader.org/

Ralph Nader for President in 2008

**=?ISO-8859-1?Q?Andreas_M=FCller?=** · Oct 7 '08, 07:45 AM

Re: Paid video content

Hi!

Thanks for your ideas.

On 7 Okt., 01:56, Carl <c...@never.com wrote:

First of all, you could check reverse the IP address of the incoming
request to see if the top level domain matches up with the customer.

But... Isn't the request coming from the user's computer? So I'll get
the surfer's IP and not the one of the customer's website?

Alternateively, you could simply require a POST or GET variable when the
request is made, and have the connection over a secure line.

So I make the customer's website tunnel the video-content instead of
linking to the video server directly

Best regards,
Andreas

Paid video content

Paid video content

Comment

Comment

Comment

Comment

Comment

Comment