-1

I want to use a HTML5 video using Iframe from another domain in my membership site. This membership site is protected. However i want to know how easy it is for my students to find out the source URL of iframe ( May be using tools like fire bug or any other way?). My concern is that in that case student can directly visit the URL directly in his browser bypassing membership site.

Just to clarify, this is my own content on another domain and I want to bring it in iframe to my membership site....Further my membership site is wordpress based, if that would changed the response to answer

Faisal
  • 3
  • 3
  • i am not voilating any Terms of service, it is my own content sitting in another domain and i want to bring it in iframe in my membership site....why wouldnt i like to keep the URL hidden ? – Faisal Jul 04 '18 at 04:40

2 Answers2

0

Assume anything that the client receives in their browser can be captured, analysed, and reverse engineered by the client.

There's no way to prevent the client from determining the origin of content, aside from hosting the content yourself!

ihatecsv
  • 532
  • 6
  • 20
  • I thought may be the browsers have security features that protect against detecting source URL of cross domain – Faisal Jul 04 '18 at 04:44
  • The `iframe` element itself is part of _your_ document, there is nothing “cross-domain” to begin with in that regard. (That it eventually _loads_ content from a different domain, is only secondary.) – CBroe Jul 04 '18 at 11:52
0

You can't stop anyone from reading the source code, but you can stop anyone else from playing or embedding the videos on another site by adding some "hotlinking" code to your .htaccess file. Here's another post that's already answered it:

Disable hot linking or direct download of my videos and only stream the video when it's displayed from a page in my website

Peter HvD
  • 1,623
  • 1
  • 7
  • 14
  • Thanks, will it help if the video is html5. it is not traditional format like mp4 etc. – Faisal Jul 04 '18 at 13:25
  • "html5" is not a video format. It's the code used to display the video. The video files themselves should all have an extension of something like ".mp4, ".webm" or ".ogg", so you can test for those in the htaccess code to block just that file type. Good luck! – Peter HvD Jul 04 '18 at 14:29
  • The link shared above relates to videos hosted on the same domain, i am referring to videos hosted on another domain but shown in iframe in my domain – Faisal Jul 05 '18 at 03:09