This url loads and plays the video: https://player.vimeo.com/video/516699168
This url says the video is not found: https://vimeo.com/516699168
So I use the API call at https://developer.vimeo.com/api/reference/videos#get_video with ID 516699168 and it returns
HTTP/1.1 404
Content-Type: application/vnd.vimeo.error+json
{
"error": "The requested video couldn't be found."
}
So why does the player.vimeo.com link work? Is it supposed to?
I'm asking because I have a broken link script and the API isn't jiving with the player.vimeo.com link.
If there are restrictions on the video (such as privacy) why would the player url still work?
The player url (player.vimeo.com) is used as the source within the Vimeo iframe. Most likely the video is accessible when visiting that URL because it is set to "Hide from vimeo.com" and is only playable when embedded. To prevent this from happening, the video's embed privacy should be set to domain-level so that it's only playable when embedded on specified domains.
When requesting /videos/516699168 the API returns a 404 likely because the auth token used with the request only has "public" scope and can only be used to get public data on Vimeo. Because the video has "Hide from vimeo.com" privacy it is not public, and the API cannot pull its metadata.
Video privacy settings overview: https://vimeo.zendesk.com/hc/en-us/articles/224817847
API authentication and scopes overview: https://developer.vimeo.com/api/authentication#understanding-the-auth-process
Related
I have assembled a website and configured a Digital Ocean droplet to serve an audio stream using Azuracast.
At this URL http://137.184.153.182:8010/radio.mp3 lives the live audio stream. At the time of posting I am streaming static from Audio Hijack, which you can hear by visiting the URL and clicking play on the audio element. By inspecting the site I see the following HTML
<video controls="" autoplay="" name="media"> <source src="http://137.184.153.182:8010/radio.mp3" type="audio/mpeg"></video>
On the site meant to deliver the audio stream to listeners https://feverdream.radio, I have placed an identical HTML snippet. However the play button remains grayed out and I am unable to play the audio live stream.
I do not understand what I could be doing wrong so that the same code is functional on one URL but not another.
an insecure HTTP resource is being loaded for an HTTPs website. Open the browser console to see the error below:
Mixed Content: The page at 'https://feverdream.radio/' was loaded over HTTPS, but requested an insecure element 'http://137.184.153.182:8010/radio.mp3'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
The SSL/TLS certificate authority for 137.184.153.182 should be either:
Publicly issued - see Let's Encrypt
Privately trusted - see how to trust a self signed certificate for your non-public development environment.
I have native app that gets html from the database, and renders it. I can embed a vimeo link with no problem. I need to be able to get access to a private vimeo account that whitelists domains. What domain should I whitelist since this is a native app?
When using the Player with a webview or in-app browser, there's no HTTP referer passed back to the Player iframe. Without an HTTP referer, the Player cannot determine if the domain where its embedded is allowed to serve and play the video.
The only workaround is to embed the video on a web page you control, and then open or embed that page in your webview. It's not an elegant solution, but it will allow usage of a domain-restricted Vimeo Player in a webview.
Alternatively, if you're writing a native app use the direct video file links with the app platform's native media player; this feature is only available to PRO and Business users: https://help.vimeo.com/hc/en-us/articles/224823567-Direct-links
If I'm currently un-authenticated and try to load a video in the HTML5 video tag for a video that is protected by my Azure AD, it doesn't load the video. I see that it tried calling /video/123 and returns a 302 with a location property of https://login.microsoftonline.com/... It then makes another request for that location property and returns a 200. The video is of course un-playable because it hasn't loaded the video asset.
Of course if I'm already authenticated, there's no issue. How can I get the video to pop up the login screen?
As your video is protected by AAD, and any requests against AAD require to contain the authorization header with access token. So, the unauthenticated request against to your video will be redirect to Azure AD SSO page.
The easiest and most direct way to achieve this, is to only accept the authenticated user to visit the special page with the video. To verify the user in the page, if they are not authorized, redirect to Azure AD SSO page.
You can leverage adal for js to implement the functionality with a ease. Meanwhile, you can refer to https://gist.github.com/Walk4Muscle/70b11b272131eedfc0360076fcd64b2c for the plain javascript integrating with ADAL for js.
My website has some embedded Youtube videos where the embed URL uses http and the webpage is also served through http. Some of my users (i.e. using Google Chrome on Windows) have told me that the video isn't playing. However, after changing the embedded URL to serve through https, it seems to play fine (at least on Chrome). Before I change all of the embedded urls to https, my question is whether there's ever an issue serving an embedded video through https if the webpage that it's embedded in is served through http (I know that there can be "mixed content" issues if an embedded video is http while the webpage is served through https).
The code I am using:
<iframe align="middle" frameborder="1" height="500" scrolling="yes" src="youtube.com/embed/video_id"; width="800"></iframe>
Thanks!
The issue would be the same as with any HTTPS resource - if the certificate can't be validated for whatever reason, the embedded resource won't be shown or the user will get a warning (depending on the browser implementation).
I am wondering if it is possible to embed a YouTube video on a https website. As far as I can tell YouTube videos can only be embedded with the http:// protocol. Is there a way to embed them on a page without Firefox throwing an error?
I really do not know if this works, but you should give it a try:
Instead of the YouTube player you use your own custom player (made by youself or take from the web, there are a lot out there. e.g.: JW Player) This player is served by your secure server.
Before you play a video you have to call the Youtube API the recieve the source of you video:
http://gdata.youtube.com/feeds/api/videos/VideoID
Get you player streaming this video.
Within your player you should be able to allow recieving unsecure content from a secured website. You probably have to a little bit reading on the Flash Players security sandbox.
Unfortunately, Youtube doesn't have a valid SSL certificate installed on the main part of its site. You can try using a proxy such as https://browseunblocked.com/
Since Youtube doesn't have a valid SSL certificate, this won't be possible. Perhaps you could instead embed a HTTP iFrame containing a YouTube video inside your https webpage? Streaming a video over SSL would be slow, so unless the video itself needs to be encrypted, you shouldn't use it. Since you're talking about streaming YouTube videos, I doubt you care about encrypting the actual video stream, just the request to view it.
You could proxy the youtube stream through a secure server. What I mean is have a middle tier application that fetches the video feed from youtube and passes it through a secure connection back to your flash app.