Our sports application is being picked up by schools here in the United States. Our application allows the school's basketball team to upload videos for remote playback, etc. etc.
We use Vimeo as our video processing, hosting, and distribution partner. The app makes calls to Vimeo's servers for specific video playback.
Unfortunately, many schools have networks that block traffic to specific sites, including Facebook, YouTube, and Vimeo.
Is there a process in which we may obscure the network call and response, circumventing the network blocks? Initial thought is to man in the middle myself, possibly routing the calls through and effectively hiding the fact that the response is from a Vimeo server?
Here is an example email I have received from a network admin of a school:
Mr.
yourNameHere,We've had this come up for other instances in our school. Here is the official response from our IT department:
"We do not have the ability to whitelist Vimeo videos on an individual level. It's unfortunate that the site is hosting their content on Vimeo, as an unfiltered Vimeo environment is not suggested for educational environments."
There are too many other "genres" of content available on Vimeo to allow open access.
We have a workaround that is available to staff and faculty only. It will not be made available at the student level, again, because of the vast array of inappropriate content that is accessible on Vimeo.
Staff and faculty can navigate to blockpage.com which will force a content filter login to pop up. Faculty can then input their credentials and gain full access to subsequent sites as long as that filter window is left open. This workaround process has already been made available to staff and faculty in the past.
He may not understand that as this is an iOS application, the blockpage workaround is not a help in this situation.
You can proxy the API calls through your own server (which has many additional benefits), but that may not work for playback. You probably don't want to deal with the bandwith required to proxy the streaming video content.
Luckily the playable video files do not come from the vimeo.com domain. The vimeo api provides a player.vimeo.com url, which redirects to a different hostname. If these networks only block vimeo.com, you might be in the clear.