Disable media download in onebox

martin9973 · January 13, 2022, 7:16pm

hello, I saw there is an option to disable audio download:

<audio controls #{@options[:disable_media_download_controls] ? 'controlslist="nodownload"' : ""}>

at onebox/audio_onebox.rb at main · discourse/onebox · GitHub

and

disable_media_download_controls: SiteSetting.disable_onebox_media_download_controls,

at discourse/oneboxer.rb at 03998e0a299b7ae89678e2854e3abf84bd6ef132 · discourse/discourse · GitHub

So I tried to write it using

./launcher enter app
rails c
SiteSetting.disable_onebox_media_download_controls=true

and also here

vi containers/app.yml
under params:
disable_media_download_controls: true
disable_onebox_media_download_controls: true
under env:
DISCOURSE_DISABLE_ONEBOX_MEDIA_DOWNLOAD_CONTROLS: true

but still audio can be downloaded through the onebox’s “download” option. Anyone can help? many thanks.

Jagster · January 13, 2022, 8:27pm

I don’t know, but how should one listen audio if download is disabled?

martin9973 · January 13, 2022, 8:33pm

there is a download option if you click the three dots at the end: see picture from this post:

What I want is that the explicit download option is hidden/disabled, while people can still use this to listen to the audio.

Jagster · January 13, 2022, 8:42pm

I still don’t get it. Discourse can’t streaming so audiofile must be downloaded for listening. Or am I totally wrong?

Or do you accept downloading when a user doesn’t know they are downloading because one’s device doesn’t ask where it should save?

Yet, that audio is possible to save anyway via recording

Sorry — I don’t help a bit but I would like to understand why, what, where and everything

My very weak point is that kind disabling attempts are succesfully rarely, Or needed. But fine if it is doable.

martin9973 · January 13, 2022, 8:47pm

if you allow explicit download option, then the audio/video content could be stored/used/commercialised elsewhere, where such intellectual property may not be authorised properly. So it is probably wise to make the default option to disable the explicit download option.

Can you advise how to achieve that in the setting/code level. thanks.

JammyDodger · January 13, 2022, 8:53pm

It’s not something I’ve used, but is anything in this topic any help?

martin9973 · January 13, 2022, 9:36pm

As far as the website (using discourse) itself is concerned, it is important to avoid any future IP-related issue. Even if the author use a TC or some sort of theme, any infringement of the IP could make the website liable for potential damage etc. Even if the website may seem to have nothing to do with it, just because it acts as a channel of exchange, some lawyer may have other thoughts.

So to disable explicit download option should be quite useful, as you wouldn’t see such option on most of the big websites like youtube. Can anyone help with the code/setting to make it happen please.

Falco · January 13, 2022, 9:48pm

After that, you will need to rebake or edit the post with the local audio. Have you tried that?

martin9973 · January 13, 2022, 10:47pm

how to rebake or edit the post?

Falco · January 13, 2022, 10:48pm

Click on the post … button, then on the button and finally on “Rebuild HTML”

martin9973 · January 13, 2022, 10:51pm

“Rebuild HTML” done, but still have the “Download” option.

Falco · January 13, 2022, 10:58pm

Let’s test this:

![614107_11861866-lq|audio](upload://jq0kR3R4YPrn1kM48EL33oVgjT8.mp3)

https://d11a6trkgmumsb.cloudfront.net/original/3X/8/8/8819dba2a51ca9f987e93d64dfe823161141d0f6.mp3

martin9973 · January 13, 2022, 11:03pm

second one works (no download option), but first one still have.

Falco · January 13, 2022, 11:04pm

Oh I see, the site setting only affect onebox, so only the second type of audio, not the first one because it isn’t technically a onebox.

martin9973 · January 13, 2022, 11:04pm

What else needs to be done to make the first case work?

Falco · January 13, 2022, 11:06pm

If you want to dive into the code it’s coming from

github.com

discourse/discourse/blob/c2afc3915b8d533858849c7973de6e1038c81245/app/assets/javascripts/pretty-text/addon/engines/discourse-markdown-it.js#L165-L173

    
      
          function audioHTML(token) {
            const src = token.attrGet("src");
            const origSrc = token.attrGet("data-orig-src");
            const dataOrigSrcAttr = origSrc !== null ? `data-orig-src="${origSrc}"` : "";
            return `<audio preload="metadata" controls>
              <source src="${src}" ${dataOrigSrcAttr}>
              <a href="${src}">${src}</a>
            </audio>`;
          }

You will need to receive the site setting on that context somehow and handle it.

martin9973 · January 14, 2022, 12:12am

As a hard code quick fix, I tried:

./launcher enter app
vi app/assets/javascripts/pretty-text/addon/engines/discourse-markdown-it.js

and append

controlsList="nodownload"

to
<audio preload="metadata" controls>

and

./launcher restart app

but still have Download option. Should I rebuild app?

Falco · January 14, 2022, 12:37am

That wouldn’t work as the JS is compiled by our rather complicated asset pipeline.

If you want a quick and hacky solution, a theme-component that listens to our decoratedCooked callback and changes the audio element is your best bet. You can learn about it on Developer’s guide to Discourse Themes

Topic		Replies	Views
Remove Dropbox Onebox For Audio Links Feature	16	2028	August 31, 2021
Should audio and video tags be allowed? Feature	16	5572	March 23, 2016
"blocked onebox domains" setting not respected Bug	16	1213	March 14, 2022
Onebox looks horrible on Discourse Comments (below WP Post) WordPress	18	2227	June 27, 2018
Can I forbid download from external links? Feature	8	1522	October 18, 2021

Disable media download in onebox

Related topics