Can I prevent video download with HTML5 <video> tag?

[nottrobin]

Hello

I was wondering if there's any way to use the <video> tag to allow streaming of a video file, but *not* allow users to download it?

Because at the moment YouTube doesn't offer users any obvious way to copy their videos off the website. But if they were to fully implement HTML5 then there would be a "download file" option sitting right there on the right click menu. Is there any way to disable this and only allow the video to be streamed through the browser?

Cheers,
Robin.

[zcorpan]

Can you prevent an <img> to be shown but not allow the user to download it?

The short answer is "no", for both <img> and <video>. Even with Flash it's possible to save the video on disk. If it's sent to the browser, the user can take it, however you try to twist it.

You can make it harder with a number of tricks, such as overlaying the video with a transparent GIF, but in the end it's not possible to prevent it (and chances are you're just annoying the user by trying).

[nottrobin]

I see what you mean. People do try to prevent people from saving images from their websites (by disabling right click, etc.) but it is ultimately more annoying than it is effective (print-screen or downloading the image directly by viewing the source is a cinch for anyone with any know-how at all).

I'm not asking because it's something I want to do, but rather because I think if HTML5 is to achieve its goal in revolutionising the web it needs to be adopted by video sites like YouTube, and currently downloading a video off the "Flash" YouTube site is more hassle than its worth - so YouTube don't have to worry that much about people stealing content that they don't have a legal right to.

However, if replacing the flash player with the <video> element means that downloading a video suddenly becomes as easy as saving an image from a website, this will suddenly have to become far more of a concern for YouTube. And this in turn might mean that they don't end up implementing it at all.

That was my worry. Which is why I thought it might be a good idea to allow such sites to make it a little harder for people to download their videos.

I suppose you could prevent people from being able to download the videos directly by only allowing access to the video if the request comes from youtube.com - meaning only people with the know-how to forge HTTP headers could manage it. This would probably be just as satisfactory...

[zcorpan]

It's not clear to me that this is a concern for YouTube at all.

[rekk1986]

Can you prevent an <img> to be shown but not allow the user to download it?

The short answer is "no", for both <img> and <video>. Even with Flash it's possible to save the video on disk. If it's sent to the browser, the user can take it, however you try to twist it.

You can make it harder with a number of tricks, such as overlaying the video with a transparent GIF, but in the end it's not possible to prevent it (and chances are you're just annoying the user by trying).

i just prevent user from downloading in period but don't know how to do this for a long time. Who know more please reply to me.thanks

[zx]

Hey, rekk1986 - I would be verry interested how you managed to do that.

As I am making a HTML5 player for a new startup website based on video content so it would be from a business point of view. The thing is, I don't want users to download my video. I don't want it cause I could loose traffic and, mostly, cause the institutions from which I get the videos exist because people pay for their content. Those institutions, in my case, are theatres.

And I need to control their content as much as I can. So there is no way I can let any person just right click and save the file. I need them to watch in on my website, as well from legal point of view.

Currently, I can't do a thing. I can block the right click and fake mask the URL in src. If you want people to actually use <video>, you need to make some kind of protection. What kind? I have no idea.

You got perfect buzz around it, but it will pass, and if institutions won't use <video> (and they won't if anyone could download their data), flash will win. And <video> would be used only on private blogs or something. Flash is much better now. Safer.

Look what YouTube has done now. They block download in some fancy way. Vimeo makes the same. I don't understand how their method works (but I would really like to use it!), but it works quite well. No regular person can download the file.

[JAB Creations]

You can't give the client a file and not give the client the file, period. There is nothing I've seen on any site that I can't get if I really wanted to.

[zx]

There are things you can do to make it harder. Look what the sites with pay contend make.

[Alan]

It's trivial to download FLV files from YouTube or similar sites. Just google "YouTube download" and you'll see tons of services that even allow you to extract the audio (e.g. for music videos) or convert the video into another format. All of these services are free and work for all websites that use similar technologies (which accounts for the vast majority of video streaming sites, including porn).

As a gentle reminder for the luddites among us: DRM does not work either. There simply is no way to prevent copyright abuse (and there shouldn't be, because it would prevent fair use, too). You can either do it like YouTube etc and put up some hurdles to make it a bit more challenging, or you can do it like RIAA and sue a handful of violators into oblivion to make copyright absure profitable for you.

If you don't want to accept the paradigm shift in intellectual property in the 21st century as a fact of life, there are still a few options left. You could hide the actual video element and render the video content to a canvas, for example. This would eliminate the "right-click" problem. You could then also generate the video element dynamically and use an alias instead of a full video URL in your source to prevent advanced users from just skimming your HTML for a URL ending in ".ogv" or ".mp4".

You could also go all the way and implement a proprietary streaming protocol using JavaScript, canvas, web sockets and the audio element -- that'd be a performance nightmare, though.

It's quite simple: either you care about your users, use open technologies and handle illegal transgressions the way you've handled them before (i.e. if someone copies your content and uses it commercially, you take them to court -- if that's not profitable enough, that might tell you something about the relative value of your content) or you use proprietary technologies, live in the false comfort of thinking your content is safe and still have to take legal measures to fight those who know what they're doing and still steal your stuff.

It's a lose-lose situation and HTML5 isn't going to change that. Maybe you should worry less about piracy and more about whether your business model is still adequate in the times we live in (is anybody else reminded of the outcry against VHS back in the day?).