Kodi Community Forum

Full Version: "alias" option to improve security of media sources
This may be a little hard to explain, but I'll do my best and provide examples. Please ask for clarification if necessary.

I have a secure WebDAV media source which is password protected. I do this to prevent bots online from downloading all of my media and murdering my router. When I use the webui to control Kodi (or access the media via a UPnP/DLNA client), the paths to each file are formatted as "davs://user:password@Server.com/Movies/movie.mkv". I suggest a measure to avoid sharing sensitive information in the path. Perhaps some kind of optional alias that refers to the media source internally on Kodi.

For example, an item in mediasources.xml could be formatted in the following way:
    <network>
        <location id="0" alias="davs_server.com">davs://user:password@Server.com</location>
    </network>

And then, under sources.xml:
        <source>
            <name>Movies</name>
            <path pathversion="1" by-alias="1">davs_server.com/Movies</path>
            <allowsharing>true</allowsharing>
        </source>


To implement this into the UI:
When adding the media source, there could be an optional field to fill in an "alias"
There could then be a toggle for "aliases" when browsing to add a video/audio/image source, which would strictly show the list of aliases to choose from.

This would mean that all clients (UPnP/DLNA, or webui/remotes) would not need to see the media source username and password, just the alias.
I suggest this as a means of mitigating any kinds of data leaks and scrapes. A password should always be kept as private as possible, never broadcast in plaintext. Some people may also be using sftp sources, which could leave a massive security hole if there's also shell access on that server (not that you should ever do that to begin with).

A client (and anyone else on the network) would now only see "davs_server.com/Movies/movie.mkv" instead of "davs://user:password@Server.com"

Let me know what you think! Am I crazy? Or is this a realistic suggestion?
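
The alias scheme proposed above, sketched as an added example; it is not part of the original post and is not Kodi code. The `alias` and `by-alias` attributes come from the post, while the function names and the sample XML wrappers are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample files using the attributes proposed in the post
# ("alias", "by-alias"); these are assumptions, not an existing Kodi schema.
MEDIASOURCES_XML = """<mediasources><network>
  <location id="0" alias="davs_server.com">davs://user:password@Server.com</location>
</network></mediasources>"""
SOURCES_XML = """<sources><video><source>
  <name>Movies</name>
  <path pathversion="1" by-alias="1">davs_server.com/Movies</path>
</source></video></sources>"""


def load_aliases(mediasources_xml):
    """Map alias -> credentialed base URL. This table never leaves the server."""
    root = ET.fromstring(mediasources_xml)
    return {loc.get("alias"): loc.text.strip().rstrip("/")
            for loc in root.iter("location") if loc.get("alias")}


def redact(url):
    """Strip user:password@ from a URL that is not aliased, before display."""
    parts = urlsplit(url)
    if parts.username is None:
        return url
    return parts._replace(netloc=parts.netloc.rpartition("@")[2]).geturl()


def public_paths(sources_xml):
    """Source paths as clients (web UI, UPnP/DLNA) would see them."""
    return [p.text.strip() if p.get("by-alias") == "1" else redact(p.text.strip())
            for p in ET.fromstring(sources_xml).iter("path")]


def resolve(client_path, aliases):
    """Expand an alias path to the real URL; done server side at fetch time."""
    alias, _, rest = client_path.partition("/")
    if alias not in aliases:
        raise KeyError(f"unknown alias: {alias!r}")
    if ".." in rest.split("/"):
        raise ValueError("path traversal rejected")
    return f"{aliases[alias]}/{rest}"


if __name__ == "__main__":
    aliases = load_aliases(MEDIASOURCES_XML)
    print(public_paths(SOURCES_XML))
    print(resolve("davs_server.com/Movies/movie.mkv", aliases))
```

Only `resolve` ever touches the credentialed URL, so anything serialized to a client goes through `public_paths` or `redact` and carries no userinfo.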