Embedding Image/Video Stream into webpage

html image video embed man-in-the-middle
Power Engineering picture Power Engineering · Oct 4, 2014 · Viewed 7.5k times · Source

I'm trying to create a PHP webpage that allow the visitor to see a video stream or an image coming from a webcam without allowing the visitors to grab it's original URL/URI. In other words, I have an ip camera operating at a given address:port and I can see the stream embedding in a HTML body something like this:

    <img src="http://5.246.77.89:8080/videostream.cgi?user=myusername&amp;pwd=mypass&amp;resolution=32&amp;rate=15" alt="">

or alternatively if we want a static image:

    <img src="http://5.246.77.89:8080/snapshot.cgi?user=myusername&amp;pwd=mypass&amp" alt="">

Now the problem is that if anyone look at the HTML code behind the page will see the URL of the camera along with its user/password credentials, obviously. This allow the visitor to connect to the camera at any time even without having to go on the page that is hosting this service, they just need to type into any browser to the URL 

http://myip:myport/videostream.cgi?user=admin&amp;pwd=fewf2d53BVH&amp;resolution=32&amp;rate=15

I don't want that the user is able to do that. So I had an idea: If I'm able to wrap the stream into a php webpage acting as a 'man-in-the-middle' I can give the visitor the video without letting them know the original source. The original IP:PORT will be visible only from my server. Obviously they will always be able to use the URL of my webpage but they will never see the user/password of the camera and I can lock the service out at any time. Furthermore to improve security I can setup the router hosting the webcam to accept connections coming from my webserver only. This will act as a stealth against malicious users attempting to connect directly to the webcabm. What can I do on the server-side to obtain this behaviour?

Answer

Sam Braslavskiy picture Sam Braslavskiy · Oct 4, 2014

Well, at least for images you could use curl... As I've pointed out in the comments, you may create a php file (say, my.php) containing something like the following:

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'http://example.com/?password=4444&login=1111');
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_BINARYTRANSFER,1);
$picture = curl_exec($ch);
curl_close($ch);
//Display the image in the browser
header('Content-type: image/jpeg');
echo $picture;

and than just write:

 <img src='my.php'>

P.S. Although I believe it is NOT the best way to do things, it looks like it solves the problem. No more private data in img src. I have never anything alike with video formats, but as for images it seems quite easy. You can read more about curl here: http://php.net/manual/en/book.curl.php

Related questions

How to prevent downloading images and video files from my website?

How to prevent downloading images and video files from my website? Is it possible? What would be the best way to do this?

Read More
How can I display an image if browser does not support HTML5's <video> tag

Does anyone know how can I display an image for the browsers which don't support the tag ? Displaying a text such as in: <video src="video.mp4" type="video/mp4"> Your browser does not support the <video&…

Read More
How do I auto-resize an image to fit a 'div' container?

How do you auto-resize a large image so that it will fit into a smaller width div container whilst maintaining its width:height ratio? Example: stackoverflow.com - when an image is inserted onto the editor panel and the image …

Read More