views:

42

answers:

1

Is there any way to detect if someone is using a browser addon to download videos from my website?

+3  A: 

It depends upon the method that the plugin uses to do its downloading; in almost every case, the answer is no.

Three methods that might work with some of the less well-written plugins:

1.) Look for abnormal browser headers. Unlikely to work as most plugins will use the inbuilt web request functions of their browser.

2.) Implement CSRF tokens. E.g. http://mysite/video.php will only allow playback from a video if using the token (http://mysite/video-serve.php?id=x&csrf-token=12345) provided in the embedded page.

This will work if a plugin attempted to directly download the file without going via the embed page. Lots of plugins will work around this though by using the csrf tokens (downthemall for instance)

3.) Look at the referrer header If no referrer header is provided, this would, again, indicate a direct download.

As I said, these methods will probably be unsuccesful in most cases, but if you are determined they might be worth a shot.

Martin Eve