Editing Cross Domain for Viral videos

Hey there s2 peeps, was wondering if it’s possible to edit the cross domain file that s2 has created in my bucket to allow videos I want to be able to share (go viral) of my choosing? In other words I’d like to allow some videos to be shared off my site using jwplayer.

Hi Luis.

Not from that bucket. The bucket will expect the signature and other vars s2 sets in the URL for the file, but s2 can only do that for files served in the pages served by WP where s2 is.

If you want to share a video publicly, you should just put a copy of it in another, unprotected bucket and give that link away.

I hope that helps. :)

Is there a way for me to do a remote http header authorization to generate a download key and pass that into the url of the video file? Wouldn’t that make my video viewable to the public? Therefore open up the door to allow the video to be shared? Which would mean I would need to edit the cross domain in my bucket to allow sites of my choosing to access the file?

You could let users without access to view the video, but it’d need a download key generated each view. To do that, you could create a hack file in your must-use plugins directory /wp-content/mu-plugins/ (create it if you don’t have it yet), and in it check the GET vars to identify when someone is trying to view that file, and add the download key to the vars, generating one right there.

Hey Cristian, how would something like that look like? So would this be a s2 url on the front end that would generate the key?

Well, in your mu-plugins dir create a file, e.g. s2hacks.php, and in it only have PHP, no spaces or line-breaks outside the PHP block. You’d check the [hilite mono]$_GET[/hilite] array to see if the URL is accessing the protected file you want to give access to, and if so, generate a download key for it and add it to the [hilite mono]$_GET[/hilite] array.

You’d need to code it yourself, but that’s the basic idea behind it, it’s not too hard, just look for the right names for the right keys in the array and the function to generate the key. [hilite path]Dashboard -› s2Member® -› Download Options -› Advanced Download Restrictions[/hilite]

I hope that helps. :)

Hmm. I kinda get the concept and looking into the documentation to find what are you talking about. I’m a bit confused on how to construct the code, plus not sure I understand how it works. Does this php file contain actual file names that I’m giving access to? How would the url look like that I would use for this special access?

I haven’t tested this at all, but it’d be something like this:

[hilite pre_code]

[/hilite]

• This reply was modified 4 years, 4 months ago by  Cristián Lávaque.

Hey Crisitian, thanks for your help so far… I’m assuming there should php tags in this code. And so I’m clear on this … s2member will look at this file when I use s2 download key api in a url as described in Dashboard -› s2Member® -› Download Options -› Advanced Download Restrictions which then will allow access to a file in my bucket that can be accessed away from my website such as Facebook ? Also, if I had multiple files, how would add them in here? I will test this code and let you know how it works. Are you missing a “(” before ” ‘your file.zip’) ” ? Lastly, does it need to contain the relative file path ? Or just file name?

• This reply was modified 4 years, 4 months ago by  luisrosario.
• This reply was modified 4 years, 4 months ago by  luisrosario.

I’m assuming there should php tags in this code.

Right. I assumed it’d be obvious, but added them to the code above to avoid confusion.

And so I’m clear on this … s2member will look at this file when I use s2 download key api in a url as described in Dashboard -› s2Member® -› Download Options -› Advanced Download Restrictions which then will allow access to a file in my bucket that can be accessed away from my website such as Facebook ?

If the download key is there, s2Member will serve the file without checking anything else (level, custom capability). The hack would provide the download key for the files you specify, so they’ll be protected, but not really, since everyone will be able to download them this way.

Also, if I had multiple files, how would add them in here?

You could repeat the code for each one, or do something more compact and elegant without repeating code.

Are you missing a “(” before ” ‘your file.zip’) ” ?

No, but was missing an equal sign. I fixed it in the code above.

Lastly, does it need to contain the relative file path ? Or just file name?

If file is in a subdir of s2member-files (or your protected bucket if using S3). So you’d just add the path from your protected folder. If it’s s2member-files/yourfile.zip, then the file name is enough. If it’s under s2member-files/yourfolder/yourfile.zip, then you’d use [hilite mono]'yourfolder/yourfile.zip'[/hilite].

I hope it helps. :)

It may sound silly at this point, but when you say

If the download key is there

what are you referring to? Do I need to place a key in this code? And if so, where do I generate that?

Based on what we have here so far, testing results in to this message from the browser

503 ( Invalid Key ): Sorry, your access to this file has expired. Please contact Support for assistance.

I could putting the url string together incorrectly, this is what it looks like:

http://www.groovetemple.tv/?s2member_file_download=access-public/inside/ia-ep2-donna_de_lory.mp4&s2member_file_download_key=[s2Key file_download="access-public/inside/ia-ep2-donna_de_lory.mp4" /]

• This reply was modified 4 years, 4 months ago by  luisrosario.
• This reply was modified 4 years, 4 months ago by  luisrosario.

[[s2Key file_download="access-public/inside/ia-ep2-donna_de_lory.mp4" /]]

That is the shortcode to generate the key, if you enter that directly in the browser’s address bar, it won’t work. The key would look something like this: [hilite mono]c56c48a0c20c73e0ef06eb8d0c33301a[/hilite].

The shortcode is to be used in a post/page/widget that’ll parse the shortcode and output the key. If you are in a page that doesn’t parse shortcode, you can use the PHP function to output it. [hilite path]Dashboard -› s2Member® -› Download Options -› Advanced Download Restrictions[/hilite]

what are you referring to? Do I need to place a key in this code? And if so, where do I generate that?

It’s in the code example I posted earlier. If you need help hacking this for what you need in your site, I suggest that you get a freelance developer from a site like jobs.wordpress.net. :)

OK, I understand now.. Was overlooking ‘s2member_file_download_key’

I do have another question..

Shouldn’t this link result in a file download with a key issued if I typed this into a web browser? It seems to me that this should work. But I get

503 ( Invalid Key ): Sorry, your access to this file has expired. Please contact Support for assistance.

Am I mis understanding how this link below works?

http://www.groovetemple.tv/?s2member_file_download=example-file.zip&s2member_file_download_key=universal

• This reply was modified 4 years, 3 months ago by  luisrosario.
• This reply was modified 4 years, 3 months ago by  luisrosario.

Hi Luis,

Off the top of my head I wonder if something like this would work? I’m not sure how the sharing works though but if this was in you doc head I wonder if it would work for facebook.

<meta property="og:video" content="[s2File download="video.mp4" download_key="universal"  /]" />

• This reply was modified 4 years, 3 months ago by  Philly.

Hmm.. that would be interesting to try, although the missing parameter is calling up your jwplayer. In order for jwplayer to be embeddable into sites such as Facebook the url string needs to looks like:

http://www.yoursite.com/jwplayer/jwplayer.swf? 

then you can pass variables to player attributes and files after the ?

I found this cool plug Facebook AWD that allows you to attach all the Open Graph Variables into posts and pages allowing your page or posts to be properly read by Facebook.. When adding the video tags into the open graph and inputing the above url string into it’s custom field Facebook will call up your player with all the attributes that you pass including skin ect and play your video. The challenge is to get urls that are somewhat secure.

We’ve reached the point where we can have our player embeddable into facebook and loads public cloudfront urls fine (we’ve yet to actually launch this site wide on our site), but I’m trying to figure out a way to give access to videos we share creating expired download keys on the fly so the files are not completely public. I’m getting to the point where I’m not sure if this is possible. The main motivation is to prevent leeching of our shared content. The above example that Christian has provided seems to be my only alternative which only really helps me not having to have 2 copies of my files and not having to make my files public. I would be awesome if I could serve out expiring urls with this situation. I’ve looked at all the AWS docs and have been talking to them and there’s no real answer from their side of things. It would be cool if s2 could sign urls for content that is being accessed from a “remote referring site” … Anyways, not sure what really to do at this point.

• This reply was modified 4 years, 3 months ago by  luisrosario.

@Cristian , was wondering if you could clarify on the above question concerning the link I posted above. Shouldn’t that link generate a key without being logged in?

Yeah, generating the download key doesn’t require the user to be logged in, as far as I understand it.

Maybe @Jason can help clarify this .. Jason, it seems that this link

http://www.groovetemple.tv/?s2member_file_download=example-file.zip&s2member_file_download_key=universal

Should generate a universal download key no matter of user being logged in. Is this correct? And if so, why do I receive this response

503 ( Invalid Key ): Sorry, your access to this file has expired. Please contact Support for assistance.

My understanding of how this works is I can put this url into a web browser and get access to the file with a universal download key.. Is this right?

-Luis

Luis,

No, that is not correct.

You need to *generate* the download key using either a snippet of PHP or a shortcode:

<a href="http://example.com/wordpress/?s2member_file_download=example-file.zip&s2member_file_download_key=<?php echo s2member_file_download_key("example-file.zip"); ?>">This is my download link</a>

or using the shortcode in a page/post:

<a href="http://example.com/wordpress/?s2member_file_download=example-file.zip&s2member_file_download_key=[s2Key file_download="example-file.zip" /]">This is my download link</a>

You don’t need to be logged in to generate the key, since anyone visiting the page would automatically see a URL with the key added in (again, if you add the PHP code or the shortcode to a URL like the examples above, then when someone loads the page, the key will be generated and added to the URL).

Please read the documentation in Dashboard -› s2Member® -› Download Options -› Advanced Download Restrictions for more information.

Thanks Raam for the clarification. @Philly, I have a question for you. Does your short code include the key parameters such as download_key=”universal or ip-forever” ?

This one does

0.4.0

I didn’t test it though :/