Need help to Securing Access to Streams

I used this documentation : https://flussonic.com/doc/authorization/securing-access-to-streams-authorization-with-token/

but there is something that I do not understand, I got a result like this:

Its work :slight_smile:

and now I want to put this on my website like this as in the documentation:

<iframe allowfullscreen style="width:640px; height:480px;" src="<%= @url %>"></iframe>

I can not understand, if I put this way everyone can see my url:

<iframe allowfullscreen style="width:640px; height:480px;" src="http://mydomain.com/script.php?stream=Name"></iframe>

I rather expect a result like that , which changes the token automatically:

<iframe allowfullscreen style="width:640px; height:480px;" src="http://mydomain.com/Name/embed.html?token=9ef42fbfaa6bf3f0fd387c2bdff9fcc8e56fe846-9c63e87c9aa59ebcf74d375c407692db-1606995882-1606985082"></iframe>

i think iโ€™m doing something wrong,can you help me please?


There is no way to achieve security with static HTML.

You have to create script that will generate dynamically HTML for viewers with unique individual session token.

Thank you for your replay, there is a site that uses the method I told you about I really do not understand how it is done here is the example http://www.afghanlive.tv/afghanistan-tv-live/

is that what youโ€™re talking about ?

Your protection is working

That is called url rewriting. If you use clever url rewrite the parameters from a static looking http url are actually forwarded to a dynamic php script at runtime.