Help

Roku Developer Program

Join our online forum to talk to Roku developers and fellow channel creators. Ask questions, share tips with the community, and find helpful resources.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Owlie
Visitor
‎04-26-2014 05:33 AM

Importance of security

Hey everyone, long time lurker here. I just had a few questions about using ("roUrlTransfer") and content security.

I've been developing a channel that streams audio from my personal server. This is a standard host (mediatemple) with no special streaming services or cloud hosting. The audio files and JSON data I'm using are sitting in an unsecured folder on the server. I'm currently using a rather straightforward method for accessing this data. For example:


    port = CreateObject("roMessagePort")
    http = CreateObject("roUrlTransfer")
    http.SetMessagePort(port)
    http.SetUrl("http://someserver.com/roku/music_list.json")
    json = ParseJson(http.GetToString())
    list = CreateObject("roArray", 1, true)
    for each item in json.sounds
        sound = {
            ContentType : "audio"
            ShortDescriptionLine1 : item.name
            ShortDescriptionLine2 : item.shortDesc
            HDPosterUrl : item.HDPoster
            SDPosterUrl : item.SDPoster
        }
        list.Push(sound)
    end for
    
    return list


I guess my question is. How vulnerable am I here to content theft?

Also, would it be possible to add a simple .htaccess user and pass to the folder and still be able to
access it through ("roUrlTransfer")?
0 Kudos
Reply
2 REPLIES 2
RokuJoel
Binge Watcher
‎04-26-2014 01:17 PM

Re: Importance of security

If you're not using HTTPS than anyone with LAN sniffer software can read your URL request regardless of if it's password-protected or not. If you use SSL you can secure the content of your folder provided that the security on your server is decent. There are other methods to provide reasonable security for example including a timeout parameter in your URL so that it is generating a unique URL each time which can only be reused within a short time span. This would require using a scripting language on your server for the device to interact with instead of directly requesting the files from the server.

Joel
0 Kudos
Reply
Owlie
Visitor
‎04-26-2014 01:39 PM

Re: Importance of security

Thanks, Joel. That's exactly what I assumed. I'll go ahead and take the time to set up the SSL.
0 Kudos
Reply
Need Assistance?
Welcome to the Roku Community! Feel free to search our Community for answers or post your question to get help.

Become a Roku Streaming Expert!

Share your expertise, help fellow streamers, and unlock exclusive rewards as part of the Roku Community. Learn more.