javascript - How does this <video> tag prevent its contents from being downloaded? - Stack Overflow

admin管理员组

文章数量:1396440

Taking this video as an example, here is the html tag which seems to be the critical piece of content:

<video
    id="dmp_Video"
    style="display: block; width: 350px; height: 197.436px; top: 0px; left: 0px;"
    playsinline="" webkit-playsinline="" x-webkit-airplay="allow"
    operadetachedviewtitle="All Watched Over by Machines of Loving Grace - Episode 3: The Monkey in the Machine and the Machine in the Monkey — Dailymotion"
    src="blob:"
    controlslist="nodownload">
</video>

It is clearly not intended to be downloadable because there is controlslist="nodownload" and I notice that it's quite resilient to casual tampering. I would like to know how this is implemented.

If I delete the surrounding clutter nodes in Firefox, I am able to right-click on the element but the menu option to download is greyed-out. If I disable Javascript, I am not able to right-click on this element at all.

If I put the blob url into the browser directly, or use wget, I get a 404.

How have they achieved this?

(I'm not asking you to hack the page for me, I'm asking what I would have to do to make my own videos similarly protected.)

Taking this video as an example, here is the html tag which seems to be the critical piece of content:

<video
    id="dmp_Video"
    style="display: block; width: 350px; height: 197.436px; top: 0px; left: 0px;"
    playsinline="" webkit-playsinline="" x-webkit-airplay="allow"
    operadetachedviewtitle="All Watched Over by Machines of Loving Grace - Episode 3: The Monkey in the Machine and the Machine in the Monkey — Dailymotion"
    src="blob:https://www.dailymotion./30c69843-cd99-4101-a8bb-0a6db568dd00"
    controlslist="nodownload">
</video>

It is clearly not intended to be downloadable because there is controlslist="nodownload" and I notice that it's quite resilient to casual tampering. I would like to know how this is implemented.

If I delete the surrounding clutter nodes in Firefox, I am able to right-click on the element but the menu option to download is greyed-out. If I disable Javascript, I am not able to right-click on this element at all.

If I put the https://www.dailymotion./30c69843-cd99-4101-a8bb-0a6db568dd00 blob url into the browser directly, or use wget, I get a 404.

How have they achieved this?

(I'm not asking you to hack the page for me, I'm asking what I would have to do to make my own videos similarly protected.)

• javascript
• html5-video
• drm

Share Improve this question Follow asked Jan 14, 2020 at 10:02 spraffspraff 33.5k2727 gold badges135135 silver badges255255 bronze badges 2

• 1 Does this answer your question? What is a blob URL and why it is used? – GrafiCode Commented Jan 14, 2020 at 10:09
• By the way, it has nothing to do with DRM – GrafiCode Commented Jan 14, 2020 at 10:09

Add a ment  | 

1 Answer 1

Sorted by: Reset to default 0

edit it and paste in:

URL.createObjectURL()

right before blob and you should be able to download it

本文标签： javascriptHow does this ltvideogt tag prevent its contents from being downloadedStack Overflow