SecureLink VOD download Security Add-OnGenerate temporary links on the fly to your valuable content

ScaleEngine implements the 'Secure Link' protocol, as a CDN Security Add-On, which is based on an MD5 hash and a timestamp.

The link to the file is augmented to include some additional URI Parameters:

?st=&e=

where the hash is base64 encoded binary MD5 of:

a secretkey
the URI of the file
expiration time of the link
optionally, the ip address of the user

the PHP code to generate this looks something like (you may not want the remote address restriction):

$secret = 'somesecretstring';
$path = '/customer-vod/play/sestore1/customer/movie.mp4';
$expires = strtotime('+4 hours');

$input = "${secret}${path}${expires}";

//echo "input is: $input\n";

$hash_bin = md5($input, TRUE);

$hash = str_replace("=", "", strtr(base64_encode($hash_bin), "+/", "-_"));

//echo "final: st=${hash}&e=${expires}\n";

$url =
"https://customer-dl.scaleengine.net${path}?st=${hash}&e=${expires}";

The CDN servers then have that secret key, the url of the file (from the request), the expiration time (from the uri parameter) and optionally the IP address of the user (from the request).

Using that information, it computes the MD5 hash in the same way. If the two hashes match (only possible if they use the same secret, and the request has not be modified in any way (prevents users using a valid link from 1 file, to download other files), and the IP address is the same (if you use that optional parameter)), and the expiration date is in the future, then the download is allowed.