I want to be able to deliver music/mp3 using a flash player but I'd like to make it so that the mp3 files cannot be sniffed... i.e. you can't use safari, firebug..etc. to find out the mp3 location using the activity window. I don't have a streaming server. Any idea?
If I go with a streaming server, any suggestions on how to go about it (cheaply)?
分享 You really cannot distinguish safely clients in HTTP. When they record the whole traffic, they always can replay the interaction, unless you use some cryptographic mechanisms.
As an easy approach, I would try to allow requests only in combination with an access key. The access key is created by yourself and send to the browser as a parameter of the URI. When the clients sends the request, it is only valid if the provided access key is valid as well. Within the access key, you could encode some information like IP address, time range, user agent etc.
But as I said, there is no 100% secure way to protect your data, as long as you eventually expose it via HTTP. There is always the hardcore approach to sniff your whole traffic and rebuild the files that way.
Access keys are used by Amazon S3, but there are also plugins for webservers like nginx.
分享
