Addressing the Problem
- Problem – How can you serve videos on the web without letting the viewer copy them and serve them elsewhere?
- Solution – Digital Rights Management (DRM) protects the video by requiring a valid license to play it.
Now the question is: how do we implement DRM on the web? Let’s break it down, and then we’ll do a demo.
Digital Rights Management (DRM)
Protecting video with DRM requires three parts:
- Video – the video is encrypted with a private key
- License – the license server provides a license to authenticated requests
- Player – the player requests the license from the license server (usually using some “token” to authenticate), and then uses the license to decrypt the video and play it.
There are multiple DRM technologies:
- Fairplay – Apple – supported in Safari
- Playready – Microsoft – supported in Edge
- Widevine – Google – supported in Chrome, Firefox, and Android.
We will demo Widevine since has the widest support, but they all work similarly.
Before we get to a demo, let’s go over how the video is packaged and delivered to the browser.
Adaptive Bitrate (ABR) Streaming
DRM-protected videos are typically served using Adaptive Bitrate (ABR) Streaming, which has two parts:
- Server side – the video file is transcoded into multiple renditions (i.e resolutions), and a “manifest” file is created that lists all the options.
- Client side (the web page) – the video player reads the manifest and adjusts the resolution as needed to maintain continuous playback based on the viewer’s network conditions, i.e. slow network = low resolution, and vice versa.
There are multiple ABR technologies:
- HTTP Live Streaming (HLS) – Apple
- Smooth Streaming – Microsoft
- Dynamic Adaptive Streaming over HTTP (DASH) – ISO Standard
We will demo DASH, since it is a generic standard, not owned by a single company, but they all work similarly. Also, it should be noted that the HTML video element does not directly support ABR streams, i.e. you can’t just set video.src = “http://my.site/my-DASH-manifest.mpd” and be done with it. You have to use JavaScript to manually send each ABR video chunk to the video element via the Media Source Extensions (MSE) API. Thankfully, many JavaScript libraries have been created to do exactly that, which allows us to skip over a lot of the nitty-gritty details, so that is what we will use in our demo. (The only exception to this is Safari does directly support HLS, so you can just set video.src = “http://my.site/my-HLS-manifest.m3u8”)
The ABR manifest file also lists the DRM needed to decrypt the video. A single manifest might contain multiple DRM types, which allows the player to select the DRM supported by the current browser.
Demo
Remember, to play DRM-protected video we need a Video, License, and Player. Encrypting the video and setting up a license server is outside the scope of this demo, so we will focus on the Player. Thankfully, Axinom provides encrypted videos and a license server for testing. Here are the three parts again:
- A DRM-protected video – Axinom provides this to the public on GitHub.
- A license server – Axinom provides this too on GitHub.
- A JavaScript player library – Google provides the Shaka Player on GitHub. This library handles the nitty-gritty details of downloading the license and actually decrypting the video. We just tell it what video to play and what license server to use.
We will use the example from the Shaka Player tutorial as a starting point, and then add DRM.
And here is our demo running:
Next Steps
I hope the above gave you a better understanding of DRM than you had before. Test your understanding by trying out the items below.- Remove DRM from the demo above to see what happens when you try to play the video.
- The Axinom video supports Fairplay and Playready too. Use the Axinom Github page and the Shaka Player docs to add Fairplay and Playready support to our demo above.