Securing Video Content with Signed URLs
In February 2008, a software engineer working on the video encoding pipeline for a mobile video service discovered that their live streams' RTSP URLs were posted on a popular web forum, allowing anyone to access them without a subscription. The company issued a take-down letter to the owner of the web forum, and subsequently added expiring signed URLs to all live and on-demand videos to secure the streams and restore confidence among content providers. Signed URLs are an effective method for discouraging leeching and hotlinking by including a token that expires in the future, ensuring that requests beyond the token's expiration time return an HTTP error code. Mux Video has extended its intuitive video API to include management of keys used to digitally sign video & image URLs, utilizing signed JSON Web Tokens (JWT) for this purpose.
Company
Mux
Date published
May 10, 2018
Author(s)
Scott Kidder
Word count
1256
Language
English
Hacker News points
None found.