AKU TONY 2021-2-26 finishing
Video security authorized playback and anti-recording marquee
First upload the rendering (when the video is playing, the student's name and student's mobile phone number are displayed):
Screen recording is one of the most difficult ways to prevent video piracy. The anti-recording marquee function provided by the Polyway player is to set the text content (usually the audience’s identity ID information) to scroll irregularly on the video. Warning pirates to achieve the effect of video copyright protection.
In addition, in the user website, in addition to verifying whether the viewer has the permission to access the video playback page through the login information (cookies), you can also verify whether the viewer has the permission to play a certain video through the Polyway player, thus realizing the double verification of the viewer's permission .
Implementation process
Implementation steps
1. Manage background settings
- Log in to the cloud-on-demand management background, click [Settings] → [Video Settings] to enter the video settings page.
-
Fill in the interface service URL of the business party in the interface setting column for authorized playback and anti-screen recording marquee.
When the player requests an authorization interface, it will automatically adapt to the following conditions:
- When the full URL is filled in, the player will directly request, for example: http://mywebsite.com/interface/validate.
- When the interface address without protocol header is filled in, the player will automatically complete it according to the request protocol of the current page. For example, fill in: //mywebsite.com/interface/validate, the current page is accessed using https protocol, then the actual request is: https://mywebsite.com/interface/validate.
- When filling in the interface address without protocol header and HOST, the player will automatically complete it according to the request protocol and HOST of the current page. For example, fill in: /interface/validate or interface/validate, the domain name of the current page is mywebsite2.com, and the page is accessed using the http protocol, then the actual request is: http://mywebsite2.com/interface/validate.
Second, the business side server implementation
1. Player request
When the management background is set to authorize the playback and marquee interface, the Polyv player will first request the interface set in the background when playing a video, the request method is GET, and the four parameters of vid, code, t, and callback will be attached, for example: https://www.mywebsite.com/validate?vid=e2e84a73837363106d8d257f60e55c4c_e&code=&t=1457938821973&callback=polyvObject16209048491895664483_1457938783908&_=1457938784101.
The code is a parameter embedded in the code of the player, and the value can be customized; t is a random number generated by the player. The player sample code is as follows:
<script src='https://player.polyv.net/script/player.js'></script>
<div id='player'></div>
<script>
var player = polyvPlayer({
wrap: '#player',
width: 800,
height: 533,
vid: '88083abbf5bcf1356e05d39666be527a_8',
code: 'myCodeValue' // 用户可自定义参数值,也可以不设置此参数,那么在请求接口时该参数值为空。参数值为中文时需要做base64URLSafe。
});
</script>Since the H5 player requests the user interface through Ajax, cross-domain requests are required, so the callback parameter is required. The Flash player implements cross-domain through cross-domain files, so there is no need for callback parameters. Only three parameters, vid, code, and t, are submitted when requesting the interface. Please refer to cross-domain access settings for Flash player to achieve cross-domain access.
2. Server-side interface implementation
If the service side interface of the business side only needs to realize the function of authorization verification, it only needs to return the three parameters of status, username, and sign to the player for verification.
The PHP example implemented by the server is as follows:
// validate.php
<?php
$username = "elvis"; // 用户昵称, 若值为中文需要urlencode('张三'),可从session获取
$secretkey = "secretkey"; // 登录保利威管理后台,点击 【设置】 → 【API接口】获取
$vid=$_GET["vid"];
$t = $_GET["t"];
$code = $_GET["code"];
if($username=="elvis"){
$status = 1; // 业务方可自定义授权验证逻辑
}else {
$status = 2;
}
if(!empty($_GET["callback"])){
$callback = $_GET["callback"];
}else{
$callback = '';
}
$sign=md5("vid=$vid&secretkey=$secretkey&username=$username&code=$code&status=$status&t=$t");
$array=Array("status"=>$status,"username"=>$username,"sign"=>$sign);
$Json = json_encode($array);
if($callback!=''){ //PC H5播放器会提交callback参数
echo $callback."(".$Json.")";
} else{ //Flash播放器不提交callback参数
echo "(".$Json.")";
}
?>Among them, the calculation rule of sign is: splicing vid, secretkey, username, code, status, t parameters for MD5 calculation:
Plain ="vid=" + vid + "&secretkey=" + secretKey + "&username=" + username + "&code=" + code + "&status=" +status + "&t=" + t
sign = MD5.hash(Plain);The following is an example of interface return:
polyvObject16208229674372271079_1478765178186({
"status":1,
"username":"elvis",
"sign":"1cca74bd55c6076091ed84807065e5b7"
})
// 不提交callback参数时
{
"status":1,
"username":"elvis",
"sign":"2c2bfb00314da7d768d50a7d1e93bd9f"
}
If the marquee function needs to be implemented in addition to the authorization verification, the interface needs to return the marquee related parameters.
The PHP example implemented by the server is as follows:
// validate.php
<?php
$username = "elvis"; // 用户昵称, 若值为中文需要urlencode('张三'),可从session获取
$secretkey = "secretkey"; // 登录保利威管理后台,点击 【设置】 → 【API接口】获取
$vid=$_GET["vid"];
$t = $_GET["t"];
$code = $_GET["code"];
$fontSize="40";
$fontColor="0xFFE900";
$speed="200";
$filter="on";
$setting="3";
$alpha="1";
$filterAlpha="1";
$filterColor="0x3914AF";
$blurX="2";
$blurY="2";
$tweenTime="1";
$interval="5";
$lifeTime="3";
$strength="4";
$show="on";
$msg="Errormessage!";
if($username=="elvis"){ // 业务方可自定义授权验证逻辑
$status = 1;
}else {
$status = 2;
}
if(!empty($_GET["callback"])){
$callback = $_GET["callback"];
}else{
$callback = '';
}
$sign=md5("vid=$vid&secretkey=$secretkey&username=$username&code=$code&status=$status&t=$t&msg=$msg&fontSize=$fontSize&fontColor=$fontColor&speed=$speed&filter=$filter&setting=$setting&alpha=$alpha&filterAlpha=$filterAlpha&filterColor=$filterColor&blurX=$blurX&blurY=$blurY&interval=$interval&lifeTime=$lifeTime&tweenTime=$tweenTime&strength=$strength&show=$show");
$array = Array("status"=>$status,"username"=>$username,"sign"=>$sign,"msg"=>$msg,"fontSize"=>$fontSize,"fontColor"=>$fontColor,"speed"=>$speed,"filter"=>$filter,"setting"=>$setting,"alpha"=>$alpha,"filterAlpha"=>$filterAlpha,"filterColor"=>$filterColor,"blurX"=>$blurX,"blurY"=>$blurY,"tweenTime"=>$tweenTime,"interval"=>$interval,"lifeTime"=>$lifeTime,"strength"=>$strength,"show"=>$show,);
$Json = json_encode($array);
if($callback!=''){
echo $callback."(".$Json.")";
} else{
echo $Json;
}
?>Among them, the calculation rule of sign is (parameters must be spliced in the order in the example):
Plain = "vid=" + vid + "&secretkey=" + secretKey + "&username=" + username + "&code=" + code + "&status=" + status + "&t=" + t +
"&msg=" + msg + "&fontSize=" + fontSize + "&fontColor=" + fontColor + "&speed=" + speed +"&filter=" +filter + "&setting=" + setting +
"&alpha=" + alpha + "&filterAlpha=" + filterAlpha + "&filterColor=" + filterColor + "&blurX=" + blurX + "&blurY=" + blurY +
"&interval=" + interval + "&lifeTime=" + lifeTime + "&tweenTime=" + tweenTime + "&strength=" + strength + "&show=" +show;
sign = MD5.hash(Plain);例如:当vid="8f8482aaab11dd5f45f183a9192a04c5_8",secretkey="AiDQw1mAmi",username="suki",code="abc",status="1",t="143020010115550947",msg="Errormessage!",fontSize="40",fontColor="0xFFE900",speed="200",filter="on",setting="3",alpha="1",filterAlpha="1",filterColor="0x3914AF",blurX="2",blurY="2",interval="5",lifeTime="3",tweenTime="1",strength="4",show="on"时,
拼凑起来去MD5计算的字符串为:
vid=8f8482aaab11dd5f45f183a9192a04c5_8&secretkey=AiDQw1mAmi&username=suki&code=abc&status=1&t=143020010115550947&msg=Errormessage!&fontSize=40&fontColor=0xFFE900&speed=200&filter=on&setting=3&alpha=1&filterAlpha=1&filterColor=0x3914AF&blurX=2&blurY=2&interval=5&lifeTime=3&tweenTime=1&strength=4&show=on
then sign is the 32-bit lowercase value after MD5 calculation: 3b07f56f29b7fd728bf20020442338e7
The following is an example of interface return:
{
"status":1,
"username":"elvis",
"sign":"6ab63590797e513d1b6c46b407413478",
"msg":"Errormessage!",
"fontSize":"40",
"fontColor":"0xFFE900",
"speed":"200",
"filter":"on",
"setting":"3",
"alpha":"1",
"filterAlpha":"1",
"filterColor":"0x3914AF",
"blurX":"2",
"blurY":"2",
"tweenTime":"1",
"interval":"5",
"lifeTime":"3",
"strength":"4",
"show":"on"
}
Three, interface return parameter description
| parameter name | Types of | Required | Defaults | Description |
|---|---|---|---|---|
| status | Integer | Yes | / | Whether to allow playback: 1 allowed 2 forbidden |
| username | String | Yes | / | The name of the audience is also used in the text content displayed by the marquee. If it is Chinese, you need to do URLEncode |
| sign | String | Yes | / | Interface signature, used to verify whether the returned content has been tampered with |
| show | String | Yes | off | When the parameter value is "on", it means the marquee is displayed, and it is not displayed by default |
| setting | Integer | Yes | 1 | The style of marquee scrolling: 1 scroll from right to left 2 flashes at random position 3 flashes scroll from right to left |
| speed | Integer | Yes | 200 | The time it takes for the marquee text to move from the right to the left, unit: 1/10 second |
| lifeTime | Integer | Yes | 3 | Marquee text display time, unit: second |
| interval | Integer | Yes | 5 | Marquee text hiding interval time, unit: second |
| tweenTime | Integer | Yes | 1 | Marquee text fades out time, unit: second |
| fontSize | Integer | Yes | 30 | The font size of the marquee text |
| fontColor | String | Yes | 0x000000 | Marquee text color, expressed in hexadecimal color value, such as 0xFF0000, the default is black |
| alpha | Float | Yes | 1 | The transparency of the marquee text, the value range is 0.01~1, and the parameter value cannot be less than 0.01 |
| filter | String | Yes | off | Whether the marquee text should be stroked, on stroke off, no stroke |
| filterAlpha | Float | Yes | 1 | Transparency of text stroke, the value range is 0~1 |
| filterColor | String | Yes | 0x000000 | The stroke color of the text, expressed in hexadecimal color value, such as 0xFF0000, the default is black |
| strength | Integer | Yes | 4 | Stroke strength, the value range is 0~255 |
| blurX | Integer | Yes | 2 | Stroke horizontal blur amount, the value range is 0~255 |
| blurY | Integer | Yes | 2 | The vertical blur amount of the stroke, the value range is 0~255 |
| msg | String | Yes | / | Custom error message |
- When the interface is only used for authorization verification, only the three parameters status, username, and sign need to be returned. The marquee related parameters may not be returned.
- Please make sure that the data returned by the interface is encoded in utf-8. Note that the status parameter is an integer, not a string.
- At present, the marquee function does not support the use on the mobile terminal H5 player.
- Please try not to modify the player style or \ tags