Secure download of videos from YouTube

I suggest to add the add-on "UnPlug" to the TBB. With that add-on, users can download videos from YouTube or other video platforms. After that, users can watch the videos locally on their computer.

added component::applications/tor browser owner::tbb-team priority::high resolution::wontfix severity::normal status::closed type::enhancement labels

Is there any progress in evaluating this proposal so far? I mean, enabling users to watch videos safely by downloading them for later offline viewing might improve users' security significantly.

Trac:
Summary: Add Firefox add-on "UnPlug" to TBB to Integrate the add-on "UnPlug" to TBB for security reasons
Priority: normal to major

Obviously, the Firefox add-on UnPlug is not actively developed currently. And unfortunately, the download of YouTube videos is no longer possible with that add-on.

Can anyone point out please how the user can download videos from YouTube securely without harming one's anonymity?

Since many videos on YouTube are not compatible with HTML5, there certainly are lots of people out there wishing to watch YouTube videos by downloading them with TorBrowser.

Trac:
Summary: Integrate the add-on "UnPlug" to TBB for security reasons to Secure download of videos from YouTube

Trac:
Keywords: N/A deleted, needs-triage added

Trac:
Owner: erinn to tbb-team
Component: Tor bundles/installation to Tor Browser

There's a software out there which despite its silly name is gaining impressive traction. youtube-dl has similar amounts of code commits on its repo as Tor. It is increasingly learning to rip media out of most popular streaming/RTMP websites. May be a better choice to bundle that as a satisfactory replacement for the Flash plugin.

Trac:
Username: vynX

Here is a surrogate

user_pref("noscript.surrogate.YouTube.replacement", "'use strict';let k=document.getElementById('player-api'),l=document.createElement('VIDEO'),m=k.getBoundingClientRect();l.controls=!0;l.a=!0;l.poster=document.querySelector(\"meta[property='og:image']\").content;['width','height','style'].forEach(function(a){l[a]=m[a];});k.appendChild(l,k);function n(...a){let r=[];a.forEach(function(a){a=(new RegExp('\"'+a+'\":(\"[^\"]+\")','i')).exec(document.documentElement.innerHTML);a&&JSON.parse(a[1]).split(',').forEach(function(a){let b={};a.split('&').forEach(function(a){(a=/^(.+?)=(.*)$/.exec(a))&&(b[decodeURIComponent(a[1])]=decodeURIComponent(a[2]));});r.push(b);});});return r;} let p={5:22,17:30,18:19,22:9,36:23,43:20,133:25,134:18,135:15,136:13,137:7,160:29,242:26,243:24,244:16,247:14,248:8,264:2,266:1,271:3,278:28,298:12,299:6,302:11,303:5,313:0,'tfvws:h264_hd1080':4,'tfvws:h264_hd':10,'tfvws:h264_hq':17,'tfvws:h264':21,'tfvws:h264_ld':27};let q=n('url_encoded_fmt_stream_map','adaptive_fmts').filter((a)=>!!a.url).sort((a,b)=>p[a.itag]-p[b.itag]);let t=n('caption_tracks');q.forEach(function(a){let b=document.createElement('A');b.href=a.url;let c=document.createElement('SOURCE');c.src=b.href;c.type=a.type;l.appendChild(c);a.fallback_host&&(b.host=a.fallback_host,c=document.createElement('SOURCE'),c.src=b.href,c.type=a.type,l.appendChild(c));});/*t.forEach(function(a){let b = document.createElement('TRACK');b.label = a.n;b.b = a.lc;b.src = a.u;l.appendChild(b);});*/ const aa=\"I3HsDoX\";let v=document.createElement('STYLE');document.head.appendChild(v);v.sheet.insertRule(\".\"+aa+\" {display: inline; padding: 1%;}\",0);v=document.createElement('UL');k.appendChild(v);for(let w of t){if('en'==w.lc){let x=document.createElement('A');x.href=w.u;x.innerHTML=w.n;x.download=document.querySelector(\"meta[name='title']\").content+\"|\"+w.n+'.'+w.lc+'.xml';let z=document.createElement('LI');z.className=aa;z.appendChild(x);v.appendChild(z);}} let y=document.createElement('A');y.href=q[0].url;y.innerHTML=\"DL video \"+(q[0].quality||q[0].quality_label||\"\");y.title=q[0].type;y.download=!0;let z=document.createElement('LI');z.className=aa;z.appendChild(y);v.appendChild(z);");
user_pref("noscript.surrogate.YouTube.sources", "!www.youtube.com/watch?*");

Trac:
Severity: N/A to Normal
Sponsor: N/A to N/A

Replying to vynX:

There's a software out there which despite its silly name is gaining impressive traction. youtube-dl has similar amounts of code commits on its repo as Tor. It is increasingly learning to rip media out of most popular streaming/RTMP websites. May be a better choice to bundle that as a satisfactory replacement for the Flash plugin. There is no eye to security at all with youtube-dl. While it wouldn't be difficult to secure it, no one has taken the effort to do so. For example, it downloads and executes JavaScript from YouTube in order to decrypt protected content (what could possibly go wrong?), and uses ffmpeg to remultiplex audio and video (and we all know the track record of ffmpeg... at least they don't use gstreamer!). It also has a huge number of plugins to do extensive parsing of the html on websites, and if it can't find what it's looking for, it'll try generic parsing to look for anything that looks like a video.

Trac:
Reviewer: N/A to N/A

This is out of the scope of TBB.

Replying to cypherpunks:

This is out of the scope of TBB.

I agree.

Trac:
Keywords: needs-triage deleted, N/A added
Status: new to closed
Resolution: N/A to wontfix

closed

moved to tpo/applications/tor-browser#6005 (closed)