hello
I used this documentation : https://flussonic.com/doc/authorization/securing-access-to-streams-authorization-with-token/

but there is something that I do not understand, I got a result like this:

http://mydomain.com/script.php?stream=Name
Its work

and now I want to put this on my website like this as in the documentation:

<iframe allowfullscreen style="width:640px; height:480px;" src="<%= @url %>"></iframe>

I can not understand, if I put this way everyone can see my url:

<iframe allowfullscreen style="width:640px; height:480px;" src="http://mydomain.com/script.php?stream=Name"></iframe>

I rather expect a result like that , which changes the token automatically:

<iframe allowfullscreen style="width:640px; height:480px;" src="http://mydomain.com/Name/embed.html?token=9ef42fbfaa6bf3f0fd387c2bdff9fcc8e56fe846-9c63e87c9aa59ebcf74d375c407692db-1606995882-1606985082"></iframe>

i think i’m doing something wrong,can you help me please?

Thanks

There is no way to achieve security with static HTML.

You have to create script that will generate dynamically HTML for viewers with unique individual session token.

Thank you for your replay, there is a site that uses the method I told you about I really do not understand how it is done here is the example http://www.afghanlive.tv/afghanistan-tv-live/

is that what you’re talking about ?

Your protection is working

Screenshot 2020-12-09 at 13.30.511756×1388 131 KB

That is called url rewriting. If you use clever url rewrite the parameters from a static looking http url are actually forwarded to a dynamic php script at runtime.