"VikR0001" wrote:
We are developing a Roku channel that will have some free and some paid video content. I notice that the RSS feed Roku requires, contains an HTTP location for the videos that Roku will stream.
Is there a standard or recommended way of securing that HTTP location so that people who somehow obtain it won't be able to access the video content without paying?
Thanks in advance to all for any thoughts/info.
If your concern is ROKU users gaining access to the physical url, it is not possible. There are options to limit the length of video playback on as many items as you choose. See content meta data.
Server side that is another thing.
You need to make sure you have security measures in place, such as restricting directories via htaccess on the server, password encrypt directories or use Allow Cross Origin Sharing headers and allow only your domain name or IP as the only site who can share the file and then by putting Origin headers with your domain/ip from the location that serves the file.
Basically that means YOU request the file with your Origin headers to the location of the file that has CORS enabled to you as the Origin that can share the file.Hope that makes sense.