AutoHotkey Community

I want to send a video clip to my client, but I don't want him to know the URL that he is going to download this file from. Of course, I could upload this clip to some file-sharing system, but I want my client to download that clip from my site.

At first I thought I could just sent a password-compiled AHK file to him with some simple code like:

But then I discovered that he can look up the file info in "Real Player" and it will tell him the URL of the file. I guess he can do it in any player.
So, my question is, is it possible to hide a URL of a file that is being downloaded or it's totally impossible?

You could upload your file to a sharing site, then give the customer a shortened (redirected) url, such as provided by www.TinyURL.com. You give TinyUrl the true url and it gives you a link that does not contain the original url.

There are many such free services available. Google "tinyurl" and you will find many providers.

TinyURL allows the URL to be presented in a shortened version BUT immediately translates it into the larger version when visited in the browser.

[quote-"tiny url"]Hide your affiliate URLs

Are you posting something that you don't want people to know what the URL is because it might give away that it's an affiliate link? Then you can enter a URL into TinyURL, and your affiliate link will be hidden from the visitor, only the tinyurl.com address and the ending address will be visible to your visitors.[/quote]
That may be true for a web page (displayed in a browser), but for a link to a file, most players will just display the given url.
I suspect that a determined user will ultimately (with some effort,) be able to find the final url. I have not tried it, but I bet a trace route will show the final ip any redirected url.

But in any case, I see no other answer to Benny-D's problem. To a casual user who gets the redirected url, all he/she cares about, is does it get the file.

I think I need to correct my own words of the first post.

I just looked through all the video files that I ever downloaded from that website of mine and discovered that "Real Player" doesn't actually display the URLs of any of them! Instead, it displays the path (location) of those files on my computer. This is what "Clip Info" window of "Real Player" shows (File > Clip Properties > View Clip Info, or simply Ctrl + I).

The fact is I have downloaded all of those video files from my website using an AHK script that contained UrlDownloadToFile command. But even with some other video files on my computer that I have downloaded from other places on the internet and not with the help of AHK their URLs aren't displayed by "Real Player" either. Perhaps, their URLs can be seen in some other way on "Real Player", except I don't know how.

However, if there's no such way in "Real Player" or in any other video player, then it's good news for me as it seems that if I succeed in compiling my UrlDownloadToFile-containing AHK script strongly enough, then the user will only be able to download a file, yet won't be able to know its URL on the web, which is exactly what I want (unless there are some other ways to find this out, and I am afraid there are such ways).

So here is my question: if the "Real Player" doesn't show the URL, is there still a way to find out where the file is being downloaded from, perhaps, through checking the computer's current connection?

There are still some other things that look kind of strange to me:

Firstly, I can't download video files from my website using FireFox. If I type this URL of my video file

http://bottleneck.0fees.net/monolithic_video.MPG

into FireFox address bar and press Enter, nothing happens.

Why is it so? Is it some problem with my FireFox? Can anyone who also has FireFox, please, check it out for me? That file is very small - only 1, 216 KB, and, of course, it has no viruses. (I myself shot this video).

Secondly, if I type that URL into the address bar of IE7 (I am also using IE7) and then press Enter, I can see the downloading window for a moment (as if the file were being downloaded into some folder on my computer), and then the "Real Player" launches automatically, playing back my video file.

What is interesting is that in this case, I really can't locate the downloaded file on my computer! I looked everywhere - in My Downloads, in My Documents, on the desktop, in Program Files, etc. - I even used the search function throughout the whole of My Computer and just couldn't find that file!

The impression that I get here is that the file is kind of being streamed to my computer while I am playing it back in the "Real Player", rather then is firstly downloaded on my computer; or, perhaps, the file is being downloaded into some sort of operating memory (my knowledge here is very limited) that keeps files in it only while executing them.

And in this case "Real Player" shows me the actual URL of the video file in the "Clip Info" window! If I click to see the file info window, after it finished playing, I will see the URL of that file (not its location on my computer).

I guess it was in this case (using IE7) that I saw "Real Player" showing me the file's URL and, therefore, decided to start this thread.

Well, if use an AHK script with UrlDownloadToFile command (and I know that this command also uses IE):
then the file is successfully downloaded to my default folder, and the file info window in "Real Player" shows me its location on my computer - not its URL.

I don't think hiding stuff from users is a good idea, and while downloading at least the user would be able to see where it is downloaded from via their firewall or other network software that monitors internet traffic. Why are you so worried that they will see where it comes from? I know I wouldn't use your software if you plan on "hiding" stuff from the user. And about compiling your script to "hide" code or stuff, don't bother they average user may not be able to "see" it but AutoHotkey exe can always be decompiled as far as I know (search the forum, it is just a waste of time and effort trying to protect your script)

_________________
AHK FAQ
TF : Text files & strings lib, TF Forum

That's exactly the way that I was afraid was existing.

Let's say I place some valuable information on my site that is being renewed twice an hour and there are some people that would want to buy this info from me. I don't want to make these sails “one-time” sails. I want it to be in this way: if a buyer wants to buy an updated info again, he would have to pay again.

However, if he knows the link, then he would pay me only once, and then he would be benefiting from that one purchase again and again (unless I myself decide to change the link).

Sounds quite fatalistic. So does it mean then that intellectual property (I consider any AHK script a sort of intellectual property) in the form of codes and scripts is doomed to be free? If yes, then I just don’t understand how come some big companies like Microsoft have been earning millions on that?

hugov@
many softwares do not tell their user where they download files from.
well, just like Microsoft Update, u know its somewhere related to Microsoft, but wouldnt know the exact link where u are downloading it from

Benny-D@
if its ur server, hosting files, certainly u can rename files or generate a download link that can be used within 1hr or so

It is due to the nature of ahk that you can decompile it again, password and /nodecompile does help a bit but it won't stop a more experienced user. Software programmed in other languages are more difficult and provide better protection (but I'm no expert, search the forum you will find ahk members who are and they can explain it much better). The security shouldn't be in your script but on your server as guest suggests.

_________________
AHK FAQ
TF : Text files & strings lib, TF Forum

I see. Thank you.

PHP or ASP and sessions sounds like what you need to be looking into, where the user would go through a process of "signing up" or paying for the download, and then would be able to download the file during the period of time that the session is good for, and would need a new session created when the file is updated again. There are many other ways of doing this.

oh i do love an app that is capable of silently downloading and possibly isntalling code on my PC when i have no control over where and how

second any code can be decompiled ever notice the eula where microsoft makes you aggree not to?


so the riddle for the code breaker becomes to figure out how it was compiled in the first place

how exactly do you spose it has become so easy to get cracked software

security should be both at your server and in the app but the hard part is to understand what you can control from the app

you can control from the app
what information is displayed by your app 9prompts status etc
ease of access to the actual code make it reasonably difficult (password /nodecompile etc)
use a key system that the user must enter that the application can perform som algorythm to detect incorrect
dont use default ahk icons

someone will break your security nothing you can do about it. but require a good cracker instead of an idiot bu putting in reasonable controls

_________________
No matter what your oppinion Please join this discussion
Formal request to Polyethene

I see. Thank you, Paradox and tank.