Monday, January 23, 2012

Hack Safaribooks video downloads



I have a safaribooks account. A few hours back, I was going through a video series on safari & I thought I should download it for offline reference. Makes it easier to study.


But there is no option to download videos! That sucks on part of Safari. They expect users to be online to be able to watch the video packages? wtf!

I decided to take a look at the site just to make sure the option is not hidden somewhere. Nope. No download option for videos. Fast forward a 10-15 minutes, I find myself checking the source code; crazy amounts of AJAX code in there.

After another 15 minutes or so, here I am, watching the videos offline & writing this post.

I followed through post AJAX, carefully looked at the site & the options available for us, the users; & identified a way. No 'testing' involved, just a knowledge of site & flow was needed. As of today, this is probably the 'only' way to download the undownloadable videos from Safari.


Please do note you or someone else needs to be a user - Individual or Corporate - for being able to 'know' the location of content on Safari.

Login to Safari & access the study resource.


Scroll down past the table of contents.


Switch to Mobile Version.



Proceed with 'Start Watching'. Meanwhile, notice that the link to 'Start Watching' for this item is:
m.safaribooksonline.com/clip?isbn=XXXXX&linkid=a01
This is the next screen when you click on 'Start Watching'.


The original request goes to m.safaribooksonline.com/clip?isbn=XXXXX&linkid=a01 which then redirects to the actual download link:

http://safari.vo.llnwd.net/kip0/_pxn=1+_pxI0=Ripod-h264+_pxL0=undefined+_pxM0=+_pxK=19616/mobile/s/BBBBB/a01.mp4?AccountId=XXXXX&UserId=YYYYY&e=1327343958&Fpid=BBBBB&ClipId=a01&source=mui&h=ZZZZZ&source=mui&e=AAAAA&h=ZZZZZ&ClipId=a01&AccountId=XXXXX&UserId=YYYYY&Fpid=BBBBB



You can now use FlashGet to download it.



For other parts of the video series, simply modify the parameters in the download URL:
http://safari.vo.llnwd.net/kip0/_pxn=1+_pxI0=Ripod-h264+_pxL0=undefined+_pxM0=+_pxK=19616/mobile/s/BBBBB/a01.mp4?AccountId=XXXXX&UserId=YYYYY&e=1327343958&Fpid=BBBBB&ClipId=a01&source=mui&h=ZZZZZ&source=mui&e=AAAAA&h=ZZZZZ&ClipId=a01&AccountId=XXXXX&UserId=YYYYY&Fpid=BBBBB
For video #2, the URL becomes:
http://safari.vo.llnwd.net/kip0/_pxn=1+_pxI0=Ripod-h264+_pxL0=undefined+_pxM0=+_pxK=19616/mobile/s/BBBBB/a02.mp4?AccountId=XXXXX&UserId=YYYYY&e=1327343958&Fpid=BBBBB&ClipId=a02&source=mui&h=ZZZZZ&source=mui&e=AAAAA&h=ZZZZZ&ClipId=a01&AccountId=XXXXX&UserId=YYYYY&Fpid=BBBBB

And so on...


Actually, as you will find out eventually, that FlashGet can download the file, without needing any URL parameters:

http://safari.vo.llnwd.net/kip0/_pxn=1+_pxI0=Ripod-h264+_pxL0=undefined+_pxM0=+_pxK=19616/mobile/s/BBBBB/a03.mp4 

You can also use Firefox or Opera. Both of them do NOT ask for any authentication when the video URL is entered.

You can use any firefox video downloader extension like Ant Video Downloader to download the video.

This implies that if one can gain knowledge of a URL, perhaps from someone who has an account on Safari, and who can access a video resource, anyone may be able to download the videos.

Also, since we were able to strip off all parameters such as AccountId, UserID etc, and still got a proper file as server response when using a different browser afresh - firefox/opera, how might safari be tracking whether the request was legit or not, i.e. was the request sent by an authenticated AND an authorized user? Certainly doesn't look like they do! A review of AAA controls of the download site could be a start for Safari.

Update: A reader provided additional info on how to apparently turn the download of mobile version (read: low quality encoded for mobile version) into HD quality.
>>> Just remove the H264 parameter in the URL.

Thanks..
.....

KG

20 comments:

  1. It works! But it downloads the mobile version of the video. How can we download the HD version?

    ReplyDelete
  2. OK, I figured out. Just remove the H264 parameter in the URL.

    ReplyDelete
    Replies
    1. Thanks Anonymous. I will add this info to post as well.!

      Delete
  3. Thank you very much..!

    ReplyDelete
  4. Awesome. Now I will be able to watch HD videos on my Galaxy Note on the train. Love Safari, but I can't have a good connection while travelling

    ReplyDelete
  5. doesn't work anymore right?

    ReplyDelete
    Replies
    1. @Anonymous: I haven't tried this in a while. May be possible Safari fixed this.

      Delete
    2. It still works, even now.

      Delete
  6. Is there a way to do this with their epubs as well?

    ReplyDelete
  7. Anybody know of a way to automate this with Python and urllib? Just populate some variables with the user/pass and have it prompt for the url of the page that links to all the videos?

    ReplyDelete
  8. Still works for me. HD trick, too!

    ReplyDelete
  9. Found a simpler method that works with the 10 day free trial, as it seems I cannot log into mobile site with trial account...

    Disable flash (in chrome go to chrome://plugins)
    go to video page (no need to fake mobile)
    right click on the video and click "inspect element" (if you don't see "inspect element" you haven't disabled flash)
    find the script tag just below the highlighted element and find the definition of the experienceJSON variable
    copy and paste the JSON into jsoneditoronline.org
    browse to data.programmedContent.videoPlayer.mediaDTO.renditions.defaultURL

    Should be authentication free CDN URL to the HD mp4 of your vid

    Safari uses BrightCove to serve up the vids, so could work on any other client of BrightCove... fyi

    ReplyDelete
    Replies
    1. No one "experienceJSON" variable i cannot find.
      No one similar to JSON i dont see on the page source.

      Delete
    2. could not find property you are referring to above...
      ` data.programmedContent.videoPlayer.mediaDTO.renditions.defaultURL`
      perhaps this has been removed ....

      Delete
  10. Doesn't work anymore. Looks like they don't redirect the browser to the downloadable URL anymore. Anybody found a workaround?

    ReplyDelete
  11. This doesn't seem to work any more. Anybody have a new workaround?

    ReplyDelete
  12. Anonymous .. ^^
    defaultURL not present in the JSON any longer.....

    ReplyDelete
  13. The original trick isn't working anymore. Redirect URL like below isn't visible now.
    http://safari.vo.llnwd.net/kip0/_pxn=1+_pxI0=Ripod-h264+_pxL0=undefined+_pxM0=+_pxK=19616/mobile/s/BBBBB/a01.mp4?AccountId=XXXXX&UserId=YYYYY&e=1327343958&Fpid=BBBBB&ClipId=a01&source=mui&h=ZZZZZ&source=mui&e=AAAAA&h=ZZZZZ&ClipId=a01&AccountId=XXXXX&UserId=YYYYY&Fpid=BBBBB

    ReplyDelete
  14. Hello, I think something has changed and now method described does not allow to download vids. So sad :(

    ReplyDelete

Disclaimer

The views, information & opinions expressed in this blog are my own and do not reflect the views of my current or former employers or employees or colleagues.