Cloudflare Stream Beta Feedback

stream

#21

Awesome!

Oliver Yu | Engineering Manager
[email protected]
https://www.cloudflare.com/

1 888 99 FLARE | www.cloudflare.com


#22

The API looks pretty much as expected and as advertised earlier. I miss the Rest API documentation I got a link to earlier.

  1. We have a community with user generated content. We have to give end-users the upload enpoint without the upload url revealing any api keys or can be misused if exposed?

  2. We need to put some limits on user upload so end-users do not try to upload hours of video. Can we set a max length and/or size so the video is either rejected during upload or in processing?

  3. Is there a setting to keep origin file? Or are only encoded files stored?

  4. Are there callbacks/webbhooks so we can get status updates without pulling the api constantly?

  5. How are thumbnails created and selected? Our current service provides 10 thumbnails sampled from key frames and we can radiolyssnarna pick one of them as preview thumbnail through the api or upload a custom image.

  6. Possibly related to this, we would like a feature where you get samples from the video (by iterating over thumbnails) when you hover with your mouse over the preview (in the future).

  7. Will you support authentication of videos? So a video-file/player can not be hotlinked or shared.

  8. Will there be support for custom branding of the player? Any visible Cloudflare or Bitmovin branding in the player would be a showstopper.

  9. Analytics? How do we hook player events into our own view counting api and Google Analytics?

  10. And finally, the most important question, what’s the price? I need some sort of indication before we can commit resources…

Thanks!


#23

Hi @qxtra, glad you are trying out the Stream beta!

  1. We have a community with user generated content. We have to give end-users the upload enpoint without the upload url revealing any api keys or can be misused if exposed?

We have a neat solution to this — Cloudflare has a product called Workers that allows you to write JavaScript that runs at the Cloudflare edge. Using Workers, you can embed your API credentials on the fly so that your API key is never distributed to your clients.

I’ll add some sample code you can copy paste later on.

  1. We need to put some limits on user upload so end-users do not try to upload hours of video. Can we set a max length and/or size so the video is either rejected during upload or in processing?

Configurable max length/size of video - great idea. We don’t have it yet but maybe we should add it at some point. For now you can do the validation on the client side. Before sending us the video you can check the size of the file against your requirements.

  1. Is there a setting to keep origin file? Or are only encoded files stored?

Stream stores both the original file and the encoded versions by default.

  1. Are there callbacks/webbhooks so we can get status updates without pulling the api constantly?

Webhooks to get status updates. We agree - this will be so much better than polling - at some point we will probably add this.

  1. How are thumbnails created and selected? Our current service provides 10 thumbnails sampled from key frames and we can pick one of them as preview thumbnail through the api or upload a custom image.

Currently the thumbnail selected is the first frame of the uploaded video. Over time we will allow you to say which frame from the video should be used.

  1. Possibly related to this, we would like a feature where you get samples from the video (by iterating over thumbnails) when you hover with your mouse over the preview (in the future).

Yes! We will add.

  1. Will you support authentication of videos? So a video-file/player can not be hotlinked or shared.

Yes. What we will do is allow you to specify on which domains should be allowed to serve a given video. This list of domains will be maintainable over API so that you can automate adding and removing domains if you require that.

  1. Will there be support for custom branding of the player? Any visible Cloudflare or Bitmovin branding in the player would be a showstopper.

The player will not be Cloudflare branded at launch. Over time we will allow you to add your own customizations like your logo.

  1. Analytics? How do we hook player events into our own view counting api and Google Analytics?

We provide an analytics API right now (https://developers.cloudflare.com/stream/analytics/) but not a way to collect custom events from the player.

  1. And finally, the most important question, what’s the price? I need some sort of indication before we can commit resources…

Price isn’t finalized and we’ll keep you posted as we know more. @asilverstein may have more to share there.


#24

Will the list be processed in order or random? I feel like we signed up during the first few days. I guess maybe we were rejected.

What is the best product to purchase in order to (maybe) convert to Cloudflare Stream when it’s usable?


#25

@qxtra For your question #1: how to use the API without putting API keys on the client, you can use Cloudflare Workers to embed your credentials on the fly.

For an overview of Workers, you can check out https://developers.cloudflare.com/workers/

To get started with Workers, go to the Workers tab of the Cloudflare dashboard: https://www.cloudflare.com/a/workers/

Some Workers sample code you can use for this is:

addEventListener('fetch', event => {
  event.respondWith(proxyMediaRequest(event.request))
})

const myZoneAPI = "www.example.com/client/v4";
const cfAPI = "api.cloudflare.com/client/v4/zones/{zone-id}";

function translateResponseLocation(headers) {
  const newHeaders = new Headers(headers);
  if (headers.has("location")) {
       newHeaders.set("X-Original-Location", headers.get("location"));
       let location = headers.get("location");
       let newLocation = location.replace(cfAPI, myZoneAPI);
       newHeaders.set("location", newLocation);
  }
  newHeaders.set("Access-Control-Allow-Credentials", "true")
  return newHeaders;
}

async function proxyMediaRequest(request) {
  var re = new RegExp("/media/(.*)$");
  const init = {
    method: request.method,
    headers: new Headers(request.headers),
  };
  if (request.method != "GET" && request.method != "HEAD") {
    init.body = request.body;
  }
  init.headers.set("X-Auth-Key","XXXXXXX");
  init.headers.set("X-Auth-Email", "[email protected]");
  var response;
  try {
    var matchArr = re.exec(request.url);
    var subPath = "";
    if (matchArr) {
        subPath = matchArr[1];
    }
    // Change do your zone
    var newURL = "https://api.cloudflare.com/client/v4/zones/{zone-id}/media/" + subPath;
    response = await fetch(newURL, init);

    return new Response(
        response.body,
        {
            status: response.status,
            statusText: response.statusText,
            headers: translateResponseLocation(response.headers)
        }
    )
  }
  catch (e) {
    if (e.response) {
      return e.response
    }
    return new Response("Error", {"status": 500});
  }
}

#26

I have done my first upload test. Upload and encoding worked fine.

I do get an error message when I try to look at the thumbnail or preview link.

Error 526 Invalid SSL certificate
Ray ID: 3ec3d7b3797c7696
Ray ID: 3ec3e52cffb17606

https://qXXXXXr.com/cdn-cgi/trace
fl=128f13
h=qXXXXXr.com
ip=92.244.XX.XX
ts=1518484341.344
visit_scheme=https
uag=Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36
colo=ARN
spdy=h2
http=h2
loc=SE

Any suggestion how to proceed?


#27

We have a community where users can upload videos. Current solution store the videos ID in our application database and we can add title, description and other application specific information.

With this Cloudflare we would probably use our own database and store UID, thumbnail and other metadata to be able to quickly produce a list of videos/gallery without hammering on Cloudflare’s API.

I guess this is on your todo list already, but duration is really metadata about the video you should be able to pull out through the api when the video is encoded.

I can predict that we want thumbnail in several sizes so we can use srcset on the img-tag for the thumbnail image.

I think we also would also like to have access to the original filename for the upload in metadata.

Have you considered using some sort of tags? I can see a scenario where we tag uploads with a userid to be able to list all videos with a specific tag quickly or delete all videos from one user by using a tag.


#28

@qxtra this is a great question! We also noticed this bug a few days ago and working on fixing it as we speak. As a temporary solution, you can place a page rule at yoursite.com/cdn-cgi/* path to use Full (not strict) or Flexible SSL.


#29

@qxtra for your second question: we’re working on adding features to organize your videos like the ones the ones you’ve mentioned.

In the meanwhile, you can use the metadata field in the API as a arbitrary key value where you can store tags and user id information. You can use this either with the optional metadata fields in the tus protocol or right after the upload using the API. See https://tus.io/protocols/resumable-upload.html#upload-metadata for more information on uploading videos with custom metadata


#30

Thanks @dani for the suggested solution with a worker. It might be acceptable for a test or proof-of-concept but we are quite sceptical to Workers as a solution until it matures more.

Most video transcoding libraries I have worked with have an API to create a one time upload endpoint server-side. You can then safely pass this endpoint to a browser (or app) that can upload the video file - without having access to any cloudflare credentials.

It is a very common scenario. I think that in the long run you must implement a more permanent solution to this scenario to make the service competitive.


#31

100% yes.

Workers – we are using Workers for edge side logic of some of our newest products. I think you can use it with confidence.


#32

Testing the video player embed code locally, I’m getting a CORS error. Is it possible to configure this somewhere and e.g. allow “[domain].local”?


#33

Just testing this in the admin panel,

Fast uploads, really fast encodes, amazing playback, actually better using your video, than jumping around in VLC

We are just testing this for content delivery of some of our in house videos / cctv.

Do you have info on access to these urls (can we combine it with access?)
What will be your pricing policy on this, as obviously there is a fair amount of storage about to be used!


#34

Yes! Docs are here: https://developers.cloudflare.com/stream/security/


#35

That’s great!

What are you looking to do as far as access rules go?

Access works right now, but we are swapping the video to be served from cloudflarestream.com instead of your domain, which will stop Access from working.


#36

I tried the upload from the CF user panel and found it to be smooth, fast and reliable - great job, guys. I have a few things to note:

1 - The backend for Stream is user friendly, however in my opinion it lacks the ability to search videos. If a user only has a couple of videos there, it won’t be an issue, but if they upload dozens, or hundreds of videos, without a search option it would be a challenge to locate a desired video.

2 - How about the ability to choose the size of a video container? There doesn’t seem to be such option in the generated embed code.

3 - Playback is smooth in “straight” browsers, but does not initiate at all in Tor. Using the privacy enhanced Tor network is not only one of the crucial means to deliver content to people in countries affected by government censorship, but it’s an essential tool for content providers who create content that the people in power would rather stay hidden. I’m not sure why or how streaming over Tor is restricted, but CF has always provided the ability to both whitelist and blacklist access from the Tor network, but despite my whitelist, the playback doesn’t initiate. I was wondering if that it something that could be taken into account.

Cheers guys, great job so far.

Mark


#37

@dani Would love to be able to restrict access to the videos to our IP address for starters, so we can link to it via a locally hosted wiki.

I’m also working on seeing how we can integrate the videos with our e-commerce site so there are no ads from competitors / other videos in play next etc that we get with youtube.

Do you have details on the pricing policy for this when its out of beta?


#38

I am not seeing the stream app in my menu bar when I log in to cloud flare. I’d like to mess around with the ui you built to upload videos. Are there any steps I need to do to take to get the stream upload ui referenced here:
https://developers.cloudflare.com/stream/getting-started/cloudflare-dashboard/
to show up when I log in to cloudflare?


#39

@hostmaster4 - ah, sorry. Try now! You should be able to see it. (If you’re already logged in, log out and back in)

@bestgore - ability to search. Yes. We need to add that. Ability to choose the size of the video container - you actually can, see the fit attribute here: https://developers.cloudflare.com/stream/customization/. Tor - we will take a look!

@alex6 - restricting video, yes totally. we’re working on a solution where you can list which domains it can be played on. Pricing is probably going to be per minutes of video played, but we’re not sure exactly how much yet.


#40

@dani I uploaded a few videos to my stream to test it out, but after a couple of days they are no longer available and the stream app button also disappeared from my dashboard. I have not received any notification on that. Any idea what happened?