如何从浏览器的右键菜单中禁用“另存为…”以防止客户端下载视频?
是否有更完整的解决方案来阻止客户端直接访问文件路径?
如何从浏览器的右键菜单中禁用“另存为…”以防止客户端下载视频?
是否有更完整的解决方案来阻止客户端直接访问文件路径?
当前回答
尝试禁用下载视频选项
<video src="" controls controlsList="nodownload"></video>
其他回答
我发现了一个类似问题的好答案,使用PHP而不是JavaScript以获得更好的安全性。
我想使用浏览器的默认播放器在用户的浏览器中播放test.mp4(就像在Web页面上单击了URL/test.mp4一样),但需要密码,该密码由用户提供或由软件内部提供。
下面是这个想法的一个简要概述。它开始于用户去(运行)一个我写的叫做secure.php的程序来播放test.mp4。
文件test.mp4位于一个子目录("secureSubdirectory")中,该子目录包含一个包含"Require all denied"的.htaccess。这立即阻止了任何通过URL的直接访问。
当secure.php运行时,它提供一个密码(或向用户查询密码),然后对自己执行一个包含密码的POST,使用一个salt,使用PHP命令验证它:
$Hash=base64_encode(hash_hmac("sha256",$Pwd,$Salt,true));
$HashesAreSame=hash_equals($Hash,$GoalHash);
然后测试test.mp4是否存在,并执行以下PHP代码将test.mp4文件作为字节流返回给用户的浏览器:
header("Content-Type: video/mp4");
echo file_get_contents("secureSubdirectory/$path");
exit;
视频和预期的一样。如果我然后右键单击显示视频的页面并尝试保存视频,结果文件将只包含一个错误字符串,如“错误:密码未找到”,因为test.mp4是使用普通的secure.php URL查询的,而不是使用正确的密码通过POST。
当然,您可以使用浏览器调试工具的Network选项来获得响应有效负载(视频字节),但是如果浏览器提供了阻止访问调试工具的选项,那么PHP程序或.htaccess文件就可以阻止这种情况。
我无法想象失败的案例,但如果存在的话我会非常感兴趣,因为简单而完美的授权是非常罕见的事情。(请注意,由于这种方法依赖于密码,因此将其与用户关联并不是一种安全的身份验证方式,因为用户可能会意外或故意地发布或共享密码。)
尝试禁用下载视频选项
<video src="" controls controlsList="nodownload"></video>
我通常使用的最好的方法很简单,我完全禁用整个页面的上下文菜单,纯html+javascript:
<body oncontextmenu="return false;">
就是这样!我这么做是因为你总是可以通过右键点击看到源代码。 好吧,你说:“我可以直接使用浏览器查看源代码”,这是真的,但我们从事实开始,你不能停止下载html5视频。
阻止HTML5视频下载(右键保存)
<video type="video/mp4" width="330" height="300" controlsList="nodownload" oncontextmenu="return false;" controls></video>
简单回答:像youtube那样加密链接,不知道怎么做,不如问问youtube/谷歌他们是怎么做的。(以防你想直奔主题。)
I would like to point out to anyone that this is possible because youtube does it and if they can so can any other website and it isn't from the browser either because I tested it on a couple browsers such as microsoft edge and internet explorer and so there is a way to disable it and seen that people still say it...I tries looking for an answer because if youtube can than there has to be a way and the only way to see how they do it is if someone looked into the scripts of youtube which I am doing now. I also checked to see if it was a custom context menu as well and it isn't because the context menu is over flowing the inspect element and I mean like it is over it and I looked and it never creates a new class and also it is impossible to actually access inspect element with javascript so it can't be. You can tell when it double right-click a youtube video that it pops up the context menu for chrome. Besides...youtube wouldn't add that function in. I am doing research and looking through the source of youtube so I will be back if I find the answer...if anyone says you can't than, well they didn't do research like I have. The only way to download youtube videos is through a video download.
Okay...I did research and my research stays that you can disable it except there is no javascript to it...you have to be able to encrypt the links to the video for you to be able to disable it because I think any browser won't show it if it can't find it and when I opened a youtube video link it showed as this "blob:https://www.youtube.com/e5c4808e-297e-451f-80da-3e838caa1275" without quotes so it is encrypting it so it cannot be saved...you need to know php for that but like the answer you picked out of making it harder, youtube makes it the hardest of heavy encrypting it, you need to be an advance php programmer but if you don't know that than take the person you picked as best answer of making it hard to download it...but if you know php than heavy encrypt the video link so it only is able to be read on yours...I don't know how to explain how they do it but they did and there is a way. The way youtube Encrypts there videos is quite smart so if you want to know how to than just ask youtube/google of how they do it...hope this helps for you although you already picked a best answer. So encrypting the link is best in short terms.