thanks, Richard :)
The simplest solution is usually the best
As you suggested, I used php to created a 'log in' movie which upon
authentication loads the playlist of movies
Also, as you suggested, I think I'll create a session id with a
master password, can see everything, and a 'movie spe
> The script , makeMoviePlaylist.php, is calling itself on the server
> with
> makeMoviePlaylist.php?cmd=getmovie&path=encrypted_path_to_the_movie
> The script, makeMoviePlaylist.php, accepts the request because it
> originated from ITSELF on the server...
How do you *KNOW* it originated from ITS
On Mon, October 24, 2005 2:23 pm, Graham Anderson wrote:
> is this possible to prevent ? Or is there a better approach?
> This stuff is making my head spin a bit...
> I am learning aspects of security so any help is appreciated.
You can change makeMoviePlaylist.php to do whatever you want it to.
actually all sarcasm is appreciated ;)
at least, I got a laugh.
I am learning/experimenting with ways to add DRM to movies.
Why:
My script, makeMoviePlaylist.php, is calling the script, brain.php,
to build the movies to send to QuickTime
I wanted to prevent the user from directly accessing this
...
Problem:
if the users does this:
curl -l -i "http://www.myserver/scripts/makeMoviePlaylist.php?
cmd=makesmil"
From the above curl'd output, entering the below url into a browser
will get the movie:
http://www.myserver/scripts/makeMoviePlaylist.php?
cmd=getmovie&path=wb1v2x9hApqFwTH
5 matches
Mail list logo
