0

We have embedded Vimeo videos on a site accesible only to logged in users. Because of different firewalls, using different types of blocks, the videos sometimes do not work for the client.

We cannot:

  • know which kind of block the videos trigger on these firewalls
  • ask the clients to change any settings on their browsers
  • ask the clients to request a change to firewall settings settings

For cases where the firewall blocks Vimeo explicitly, as opposed to blocking all video streaming, we would like to do the following:

  • our application detects Vimeo is being blocked
  • tells the browser to load up a different player
  • this new player loads every needed resource (video, JS, json, etc) from domains that we control (and thus have valid SSL certificates for), instead of Vimeo/Akamai domains.

The actual video, which will also be loaded from a domain we control, will be fetched from Vimeo to our server and then served from our server to the client. Everything is over SSL, but this is not MITM, as the client will be requesting the video stream, along with the other needed resources for the player, from our domains.

Could this be called a transparent proxy? More importantly, can we accomplish the above using Squid? If not Squid, how would we accomplish this? We do not want to store the video anywhere else but on Vimeo, but we are ok with caching the videos for a couple hours on our servers.

Gaia
  • 1,855
  • 5
  • 34
  • 60
  • 1
    If I were in charge of a network that was blocking video streaming at the firewall I probably wouldn't appreciate your trying to circumvent that. – joeqwerty Jan 07 '17 at 04:52
  • Watching the videos is necessary for them to perform their jobs, and our job is to to make it easier for them to do so. On top of that, their network administrators can't unblock vimeo entirely (there is no way to unblock only our videos). On the other hand, if you blocked video streaming entirely the setup above cannot and will not circumvent that. – Gaia Jan 07 '17 at 05:00
  • 3
    I'm not making a statement about ethics. I'm making a statement as a person who manages corporate networks/firewalls and knows that video streaming is often blocked for very valid reasons and I know that most people like me wouldn't take kindly to your trying to circumvent our controls. – joeqwerty Jan 07 '17 at 05:14
  • 2
    If you want to solve this the "right" way you'll have a conversation with your clients/customers and work with them to find an approved solution. – joeqwerty Jan 07 '17 at 05:15
  • 2
    I'm voting to close this question as off-topic because it is about facilitating policy circumvention. – EEAA Jan 07 '17 at 06:00
  • The answer to your question was given above: speak with your customers and go about requesting exceptions in an official way. Subverting IT department rules will only serve to get you blacklisted from businesses. – EEAA Jan 07 '17 at 06:10
  • The other option would be to host the video yourselves. Then you wouldn't have to even consider these gymnastics. – EEAA Jan 07 '17 at 06:14
  • @joeqwerty I get that. But it is not as it seems. Our customers are not the people that watch the videos. Out customers have us produce and deliver the videos to people they need to train - not their employees - 3rd parties. – Gaia Jan 07 '17 at 07:14
  • @EEAA there is a reason training videos are uploaded, transcoded, hosted, CDN'ed, played, delivered, tracked analytics by highly specialized online video delivering services such as vimeo. we are not trying to become brightcove or vimeo. we are asked to train people - they can't be requesting firewall exceptions every time there is a problem (which is <3% of our audience) - they just want to get trained. – Gaia Jan 07 '17 at 07:19
  • Either way, regardless of the relationship between you and your customers: you are asking us to help corporate employees subvert policy put in place by their IT department. That is something we will not assist you with. – EEAA Jan 07 '17 at 07:20

0 Answers0