[FFmpeg-devel,0/5] Add IPFS and IPNS protocol support

Hi,

This patch series adds support for IPFS.

I've been adviced to keep the patches as they are (split). If needed, I can 
squash them to a single patch.

The following is a short summary. In the IPFS ecosystem you access it's content
by a "Content IDentifier" (CID). This CID is, in simplified terms, a hash of 
the content. IPFS itself is a distributed network where any user can run a node
to be part of the network and access files by their CID. If any reachable node 
within that network has the CID, you can get it.

IPFS (as a technology) has two protocols, ipfs and ipns.
The ipfs protocol is the immutable way to access content.
The ipns protocol is a mutable layer on top of it. It's essentially a new CID 
that points to a ipfs CID. This "pointer" if you will can be changed to point 
to something else.
Much more information on how this technology works can be found here [1].

This patch series allows to interact natively with IPFS. That means being able
to access files like:
- ffplay ipfs://<cid>
- ffplay ipns://<cid>

There are multiple ways to access files on the IPFS network. This patch series
uses the gateway driven way. An IPFS node - by default - exposes a local 
gateway (say http://localhost:8080) which is then used to get content from IPFS.

Much of the logic in this patch series is to find that gateway and essentially 
rewrite:

"ipfs://<cid>"

to:

"http://localhost:8080/ipfs/<cid>"

Once that's found it's forwared to the protocol handler where eventually the
http protocol is going to handle it. Note that it could also be https. There's 
enough flexibility in the implementation to allow the user to provide a 
gateway. There are also public https gateways which can be used just as well.

After this patch is accepted, I'll work on getting IPFS supported in:
- mpv (requires this ffmpeg patch)
- vlc (prefers this patch but can be made to work without this patch)
- kodi (requires this ffmpeg patch)

Best regards,
Mark Gaiser

[1] https://docs.ipfs.io/concepts/


Mark Gaiser (5):
  Early version of IPFS protocol support.
  Fix up IPNS support.
  Merge IPNS and IPFS handling.
  Implement logic to determine the IPFS gateway.
  Fix review feedback

 configure               |   2 +
 doc/protocols.texi      |  30 +++++
 libavformat/Makefile    |   2 +
 libavformat/ipfs.c      | 283 ++++++++++++++++++++++++++++++++++++++++
 libavformat/protocols.c |   2 +
 5 files changed, 319 insertions(+)
 create mode 100644 libavformat/ipfs.c

mån 2022-01-31 klockan 14:51 +0100 skrev Mark Gaiser:
> 
> There are multiple ways to access files on the IPFS network. This
> patch series
> uses the gateway driven way. An IPFS node - by default - exposes a
> local 
> gateway (say http://localhost:8080) which is then used to get content
> from IPFS.


Perhaps the protocol should be called something other than just ipfs if
it doesn't actually implement IPFS. Like ipfsgateway. It could still be
registered to ipfs:// of course, until someone writes a wrapper for
libipfs.

/Tomas

On Mon, Jan 31, 2022 at 4:52 PM Tomas Härdin <tjoppen@acc.umu.se> wrote:

> mån 2022-01-31 klockan 14:51 +0100 skrev Mark Gaiser:
> >
> > There are multiple ways to access files on the IPFS network. This
> > patch series
> > uses the gateway driven way. An IPFS node - by default - exposes a
> > local
> > gateway (say http://localhost:8080) which is then used to get content
> > from IPFS.
>
>
> Perhaps the protocol should be called something other than just ipfs if
> it doesn't actually implement IPFS. Like ipfsgateway. It could still be
> registered to ipfs:// of course, until someone writes a wrapper for
> libipfs.
>

Do you mean to have it named like "ipfsgateway" as files (and library) but
keep the protocol registration of ipfs and ipns?
I'm fine with that. The name is only artificial in code anyhow, all that
matters are the protocol names.

Question though. In a V2 patch, would it make sense to squash everything in
one commit? It's not that much anyhow.
I have a feeling the current spliced patches give much appreciated feedback
but also on parts that a later commit removed :)

>
> /Tomas
>
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel@ffmpeg.org
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
> To unsubscribe, visit link above, or email
> ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
>

mån 2022-01-31 klockan 17:31 +0100 skrev Mark Gaiser:
> On Mon, Jan 31, 2022 at 4:52 PM Tomas Härdin <tjoppen@acc.umu.se>
> wrote:
> 
> > mån 2022-01-31 klockan 14:51 +0100 skrev Mark Gaiser:
> > > 
> > > There are multiple ways to access files on the IPFS network. This
> > > patch series
> > > uses the gateway driven way. An IPFS node - by default - exposes
> > > a
> > > local
> > > gateway (say http://localhost:8080) which is then used to get
> > > content
> > > from IPFS.
> > 
> > 
> > Perhaps the protocol should be called something other than just
> > ipfs if
> > it doesn't actually implement IPFS. Like ipfsgateway. It could
> > still be
> > registered to ipfs:// of course, until someone writes a wrapper for
> > libipfs.
> > 
> 
> Do you mean to have it named like "ipfsgateway" as files (and
> library) but
> keep the protocol registration of ipfs and ipns?
> I'm fine with that. The name is only artificial in code anyhow, all
> that
> matters are the protocol names.

What I'm really after is if other devs think there might be an issue
once someone goes an implements proper IPFS support

It strikes me that this borders on incorporating business logic within
lavf. A user could achieve the same thing with a small shell script.
For example adding an alias that inspects calls to ffmpeg and sed:s
ipfs:// URLs accordingly

> 
> Question though. In a V2 patch, would it make sense to squash
> everything in
> one commit? 

Just look at what other patch series look like. This is small enough
that a single patch is likely enough yes

/Tomas

On Mon, Jan 31, 2022 at 9:23 PM Tomas Härdin <tjoppen@acc.umu.se> wrote:

> mån 2022-01-31 klockan 17:31 +0100 skrev Mark Gaiser:
> > On Mon, Jan 31, 2022 at 4:52 PM Tomas Härdin <tjoppen@acc.umu.se>
> > wrote:
> >
> > > mån 2022-01-31 klockan 14:51 +0100 skrev Mark Gaiser:
> > > >
> > > > There are multiple ways to access files on the IPFS network. This
> > > > patch series
> > > > uses the gateway driven way. An IPFS node - by default - exposes
> > > > a
> > > > local
> > > > gateway (say http://localhost:8080) which is then used to get
> > > > content
> > > > from IPFS.
> > >
> > >
> > > Perhaps the protocol should be called something other than just
> > > ipfs if
> > > it doesn't actually implement IPFS. Like ipfsgateway. It could
> > > still be
> > > registered to ipfs:// of course, until someone writes a wrapper for
> > > libipfs.
> > >
> >
> > Do you mean to have it named like "ipfsgateway" as files (and
> > library) but
> > keep the protocol registration of ipfs and ipns?
> > I'm fine with that. The name is only artificial in code anyhow, all
> > that
> > matters are the protocol names.
>
> What I'm really after is if other devs think there might be an issue
> once someone goes an implements proper IPFS support
>

A "proper" implementation is unfeasible for ffmpeg purposes because a
proper implementation would act as an IPFS node.
That means it would:
- spin up
- do it's bootstrapping
- connect to nodes and find new nodes to connect to
- find the CID on the network
- etc...

This all adds a lot of startup time making it very unfriendly to users.
In this scenario it could take up to minutes before your video starts
playing if it doesn't time out.

Rather, the gateway approach uses an already running IPFS instance.
Users are meant to run a local IPFS instance but it doesn't *have* to be
local.
Sure, a user could point it to another local network hosted IPFS node or
some online public gateway.
But the idea is for users to host a node themselves.


>
> It strikes me that this borders on incorporating business logic within
> lavf. A user could achieve the same thing with a small shell script.
> For example adding an alias that inspects calls to ffmpeg and sed:s
> ipfs:// URLs accordingly
>

That might work but isn't really user friendly. It also doesn't help for
tools/applications that incorporate ffmpeg to potentially use IPFS
resources.
KODI (when IPFS is merged into ffmpeg) is one such application where I'll
be adding support for IPFS.
But there are more that could potentially benefit. Think for example of OBS
studio and blender (i haven't been in contact with them, all i know is that
they use ffmpeg).

>
> >
> > Question though. In a V2 patch, would it make sense to squash
> > everything in
> > one commit?
>
> Just look at what other patch series look like. This is small enough
> that a single patch is likely enough yes
>
> /Tomas
>
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel@ffmpeg.org
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
> To unsubscribe, visit link above, or email
> ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
>

On Mon, Jan 31, 2022 at 09:22:52PM +0100, Tomas Härdin wrote:
[...]
> It strikes me that this borders on incorporating business logic within
> lavf. A user could achieve the same thing with a small shell script.
> For example adding an alias that inspects calls to ffmpeg and sed:s
> ipfs:// URLs accordingly

That sounds like a security nightmare
the ffmpeg command line is complex, there are filters, strings for thinsg like
drawtext, there is metadata possibly and links can occur at different places
some of this may be controlled by a user (= attacker)
seperating the actual links out to modify them and just them is no easy feat

thx

[...]

mån 2022-01-31 klockan 23:00 +0100 skrev Mark Gaiser:
> On Mon, Jan 31, 2022 at 9:23 PM Tomas Härdin <tjoppen@acc.umu.se>
> wrote:
> 
> > mån 2022-01-31 klockan 17:31 +0100 skrev Mark Gaiser:
> > > On Mon, Jan 31, 2022 at 4:52 PM Tomas Härdin <tjoppen@acc.umu.se>
> > > wrote:
> > > 
> > > > mån 2022-01-31 klockan 14:51 +0100 skrev Mark Gaiser:
> > > > > 
> > > > > There are multiple ways to access files on the IPFS network.
> > > > > This
> > > > > patch series
> > > > > uses the gateway driven way. An IPFS node - by default -
> > > > > exposes
> > > > > a
> > > > > local
> > > > > gateway (say http://localhost:8080) which is then used to get
> > > > > content
> > > > > from IPFS.
> > > > 
> > > > 
> > > > Perhaps the protocol should be called something other than just
> > > > ipfs if
> > > > it doesn't actually implement IPFS. Like ipfsgateway. It could
> > > > still be
> > > > registered to ipfs:// of course, until someone writes a wrapper
> > > > for
> > > > libipfs.
> > > > 
> > > 
> > > Do you mean to have it named like "ipfsgateway" as files (and
> > > library) but
> > > keep the protocol registration of ipfs and ipns?
> > > I'm fine with that. The name is only artificial in code anyhow,
> > > all
> > > that
> > > matters are the protocol names.
> > 
> > What I'm really after is if other devs think there might be an
> > issue
> > once someone goes an implements proper IPFS support
> > 
> 
> A "proper" implementation is unfeasible for ffmpeg purposes because a
> proper implementation would act as an IPFS node.
> That means it would:
> - spin up
> - do it's bootstrapping
> - connect to nodes and find new nodes to connect to
> - find the CID on the network
> - etc...

This sounds similar to Tor, except Tor has a much more elegant way of
dealing with this stuff by just wrapping ffmpeg with torify. It takes
care of all the IPC stuff with tor.service

> > 
> > It strikes me that this borders on incorporating business logic
> > within
> > lavf. A user could achieve the same thing with a small shell
> > script.
> > For example adding an alias that inspects calls to ffmpeg and sed:s
> > ipfs:// URLs accordingly
> > 
> 
> That might work but isn't really user friendly. It also doesn't help
> for
> tools/applications that incorporate ffmpeg to potentially use IPFS
> resources.
> KODI (when IPFS is merged into ffmpeg) is one such application where
> I'll
> be adding support for IPFS.
> But there are more that could potentially benefit. Think for example
> of OBS
> studio and blender (i haven't been in contact with them, all i know
> is that
> they use ffmpeg).

This sounds like business logic that should live in Kodi, OBS and
Blender respectively. Or better yet, in the operating system itself
(read: systemd). How does Kodi handle browsing media stored in IPFS in
this case? Does it not already have to be IPFS aware for this to work
reasonably well?

Come to think of it, why aren't URLs openable as files on Linux?

/Tomas

tis 2022-02-01 klockan 11:06 +0100 skrev Michael Niedermayer:
> On Mon, Jan 31, 2022 at 09:22:52PM +0100, Tomas Härdin wrote:
> [...]
> > It strikes me that this borders on incorporating business logic
> > within
> > lavf. A user could achieve the same thing with a small shell
> > script.
> > For example adding an alias that inspects calls to ffmpeg and sed:s
> > ipfs:// URLs accordingly
> 
> That sounds like a security nightmare

Parsing shit in C is a far bigger nightmare I can assure you. The
command line can leverage sed and the regex in the URL RFC.

/Tomas

On Tue, Feb 1, 2022 at 5:40 PM Tomas Härdin <tjoppen@acc.umu.se> wrote:

> mån 2022-01-31 klockan 23:00 +0100 skrev Mark Gaiser:
> > On Mon, Jan 31, 2022 at 9:23 PM Tomas Härdin <tjoppen@acc.umu.se>
> > wrote:
> >
> > > mån 2022-01-31 klockan 17:31 +0100 skrev Mark Gaiser:
> > > > On Mon, Jan 31, 2022 at 4:52 PM Tomas Härdin <tjoppen@acc.umu.se>
> > > > wrote:
> > > >
> > > > > mån 2022-01-31 klockan 14:51 +0100 skrev Mark Gaiser:
> > > > > >
> > > > > > There are multiple ways to access files on the IPFS network.
> > > > > > This
> > > > > > patch series
> > > > > > uses the gateway driven way. An IPFS node - by default -
> > > > > > exposes
> > > > > > a
> > > > > > local
> > > > > > gateway (say http://localhost:8080) which is then used to get
> > > > > > content
> > > > > > from IPFS.
> > > > >
> > > > >
> > > > > Perhaps the protocol should be called something other than just
> > > > > ipfs if
> > > > > it doesn't actually implement IPFS. Like ipfsgateway. It could
> > > > > still be
> > > > > registered to ipfs:// of course, until someone writes a wrapper
> > > > > for
> > > > > libipfs.
> > > > >
> > > >
> > > > Do you mean to have it named like "ipfsgateway" as files (and
> > > > library) but
> > > > keep the protocol registration of ipfs and ipns?
> > > > I'm fine with that. The name is only artificial in code anyhow,
> > > > all
> > > > that
> > > > matters are the protocol names.
> > >
> > > What I'm really after is if other devs think there might be an
> > > issue
> > > once someone goes an implements proper IPFS support
> > >
> >
> > A "proper" implementation is unfeasible for ffmpeg purposes because a
> > proper implementation would act as an IPFS node.
> > That means it would:
> > - spin up
> > - do it's bootstrapping
> > - connect to nodes and find new nodes to connect to
> > - find the CID on the network
> > - etc...
>
> This sounds similar to Tor, except Tor has a much more elegant way of
> dealing with this stuff by just wrapping ffmpeg with torify. It takes
> care of all the IPC stuff with tor.service
>
> > >
> > > It strikes me that this borders on incorporating business logic
> > > within
> > > lavf. A user could achieve the same thing with a small shell
> > > script.
> > > For example adding an alias that inspects calls to ffmpeg and sed:s
> > > ipfs:// URLs accordingly
> > >
> >
> > That might work but isn't really user friendly. It also doesn't help
> > for
> > tools/applications that incorporate ffmpeg to potentially use IPFS
> > resources.
> > KODI (when IPFS is merged into ffmpeg) is one such application where
> > I'll
> > be adding support for IPFS.
> > But there are more that could potentially benefit. Think for example
> > of OBS
> > studio and blender (i haven't been in contact with them, all i know
> > is that
> > they use ffmpeg).
>
> This sounds like business logic that should live in Kodi, OBS and
> Blender respectively. Or better yet, in the operating system itself
> (read: systemd). How does Kodi handle browsing media stored in IPFS in
> this case? Does it not already have to be IPFS aware for this to work
> reasonably well?
>

I don't entirely agree that this logic should live in kodi. I think ffmpeg
should provide the base essentials (which this patch is doing).
Kodi and other applications should then provide an input field or whatever
to potentially say "i know the gateway you need to use, pick this one".
They would then either pass "-gateway <url>" with the setting they deem
correct or by filling in the $IPFS_GATEWAY environment variable.

Kodi currently has no way to play IPFS data.
Unless one goes through the hassle of translating it manually to a gateway
url.

To give you an idea of how it looks. Kodi has so called strm (stream)
files. They can contain an url that can be played.

Without this patch an ipfs file would look like this:
http://localhost:8080/ipfs/QmbGtJg23skhvFmu9mJiePVByhfzu5rwo74MEkVDYAmF5T

With this patch it becomes possible to patch kodi to accept:
ipfs://QmbGtJg23skhvFmu9mJiePVByhfzu5rwo74MEkVDYAmF5T

In the former case it's gateway specific. In the latter case it's gateway
agnostic.

The gateway specific way has a problem. If i translate it to a gateway then
that url i picked becomes the point to access the file.
If that url goes down, the file isn't playable. Even if the file might
still be online just fine on the IPFS network.
Imagine you get a file from me and have ipfs running locally. I'm guessing
you don't like to edit the file you received to fix the gateway part of the
url, do you? I certainly don't.

The idea here is that a user sets the gateway that needs to be used to
play. The ideal place to do that is ffmpeg because the gateway logic can
then be in one application. Others (kodi, vlc, ...) can either rely on
ffmpeg doing the right thing or overrule the gateway with their own
setting. In either case, ffmpeg needs the option to set the gateway. This
all changes if the logic can't go in ffmpeg. Then each application gets its
own configuration to set the ipfs gateway. That's a situation I actively
try to prevent because it makes accessing files on ipfs just more
complicated then need be.

Also, please forget the systemd and linux specifics here. ffmpeg isn't
linux only neither is ipfs.

Anyhow, V2 of this patch series will be here shortly.


> Come to think of it, why aren't URLs openable as files on Linux?
>
> /Tomas
>
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel@ffmpeg.org
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
> To unsubscribe, visit link above, or email
> ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
>

tis 2022-02-01 klockan 22:18 +0100 skrev Mark Gaiser:
> 
> To give you an idea of how it looks. Kodi has so called strm (stream)
> files. They can contain an url that can be played.
> 
> Without this patch an ipfs file would look like this:
>  
> http://localhost:8080/ipfs/QmbGtJg23skhvFmu9mJiePVByhfzu5rwo74MEkVDYAmF5T
> 
> With this patch it becomes possible to patch kodi to accept:
> ipfs://QmbGtJg23skhvFmu9mJiePVByhfzu5rwo74MEkVDYAmF5T
> 
> In the former case it's gateway specific. In the latter case it's
> gateway
> agnostic.
> 
> The gateway specific way has a problem. If i translate it to a
> gateway then
> that url i picked becomes the point to access the file.
> If that url goes down, the file isn't playable. Even if the file
> might
> still be online just fine on the IPFS network.
> Imagine you get a file from me and have ipfs running locally. I'm
> guessing
> you don't like to edit the file you received to fix the gateway part
> of the
> url, do you? I certainly don't.

You translate the URLs on the fly of course, and don't store the
translated URLs in the strm. I can almost guarantee you you will need
to do this inside Kodi anyway. What if you want to play a playlist
stored in IPFS?

/Tomas

On Wed, Feb 2, 2022 at 1:52 PM Tomas Härdin <tjoppen@acc.umu.se> wrote:

> tis 2022-02-01 klockan 22:18 +0100 skrev Mark Gaiser:
> >
> > To give you an idea of how it looks. Kodi has so called strm (stream)
> > files. They can contain an url that can be played.
> >
> > Without this patch an ipfs file would look like this:
> >
> >
> http://localhost:8080/ipfs/QmbGtJg23skhvFmu9mJiePVByhfzu5rwo74MEkVDYAmF5T
> >
> > With this patch it becomes possible to patch kodi to accept:
> > ipfs://QmbGtJg23skhvFmu9mJiePVByhfzu5rwo74MEkVDYAmF5T
> >
> > In the former case it's gateway specific. In the latter case it's
> > gateway
> > agnostic.
> >
> > The gateway specific way has a problem. If i translate it to a
> > gateway then
> > that url i picked becomes the point to access the file.
> > If that url goes down, the file isn't playable. Even if the file
> > might
> > still be online just fine on the IPFS network.
> > Imagine you get a file from me and have ipfs running locally. I'm
> > guessing
> > you don't like to edit the file you received to fix the gateway part
> > of the
> > url, do you? I certainly don't.
>
> You translate the URLs on the fly of course, and don't store the
> translated URLs in the strm. I can almost guarantee you you will need
> to do this inside Kodi anyway. What if you want to play a playlist
> stored in IPFS?
>

I can guarantee Kodi won't need to do that translation if it's in ffmpeg.
This is because kodi passes media on to ffmpeg. If ipfs and ipns are in
it's whitelisted protocols then ffmpeg is relied upon to handle it.
It's not "exactly" working like that (there are many layers there) but it's
roughly how it works.

We are getting out of the ffmpeg scope here, but here's how I envision it
to work in kodi.
I'm quite sure it's going to work this way because I'm making the patches
for it :)

How I envision it is as follows:
1. Kodi will, somewhere in it's settings, get an option to define an IPFS
gateway. If the user specifies this, it's used.
2. ffmpeg will just honor what was set (kodi will likely pass -gateway
<url>) or will try to auto detect if nothing is given.
3. strm files will be modified to work with ipfs://<cid> url's
4. playlist files. These are tricky as they are not specific to kodi. I
will TRY to let those work if they contain ipfs://<cid>

The playlist case is a bit tricky as m3u8 (i assume you mean that) isn't a
kodi specific thing. strm is.
The eventual endgoal with regards to kodi is for ipfs:// to be a
first-class citizen and to just work. But there are lots of places in kodi
that i'll need to adjust for that to become a reality.
The first step is to get it working in the strm file and I'll go from there.



>
> /Tomas
>
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel@ffmpeg.org
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
> To unsubscribe, visit link above, or email
> ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
>

On Tue, Feb 01, 2022 at 05:43:24PM +0100, Tomas Härdin wrote:
> tis 2022-02-01 klockan 11:06 +0100 skrev Michael Niedermayer:
> > On Mon, Jan 31, 2022 at 09:22:52PM +0100, Tomas Härdin wrote:
> > [...]
> > > It strikes me that this borders on incorporating business logic
> > > within
> > > lavf. A user could achieve the same thing with a small shell
> > > script.
> > > For example adding an alias that inspects calls to ffmpeg and sed:s
> > > ipfs:// URLs accordingly
> > 
> > That sounds like a security nightmare
> 
> Parsing shit in C is a far bigger nightmare I can assure you. The
> command line can leverage sed and the regex in the URL RFC.

the problem is if you parse it on the command line and change it
before passing it to ffmpeg. You really need to have ffmpeg and
the command line parse it 100% exactly the same. If theres a
difference you can introduce security issues. because things in the
commend line that are not intended to be changed by an attacker
could become changeable by parser differences, this involves also
issues with artgument seperators being parsed or not parsed as urls

for example a filter argument could be a URL or it could be a generic
string the command line wraper would have to know this difference.
metadata and drawtext will behave interresting if they display
ipfs: and keep in mind on top here the : is a argument seperator
for filters so a real url ipfs link as filter argument would have the :
escaped in some way. The command line tool would need to fully
handle all escaping and unescping we use in every argument and it would
need to have a list of what holds an url and what doesnt.
Noone will implement this in a 100% correct form with sed and regex
anyone trying will long before run naked through the streets and flap
her/his hands as if (s)he is a chicken
feel free to proof me wrong of course 

thx

[...]

ons 2022-02-02 klockan 14:48 +0100 skrev Michael Niedermayer:
> On Tue, Feb 01, 2022 at 05:43:24PM +0100, Tomas Härdin wrote:
> > tis 2022-02-01 klockan 11:06 +0100 skrev Michael Niedermayer:
> > > On Mon, Jan 31, 2022 at 09:22:52PM +0100, Tomas Härdin wrote:
> > > [...]
> > > > It strikes me that this borders on incorporating business logic
> > > > within
> > > > lavf. A user could achieve the same thing with a small shell
> > > > script.
> > > > For example adding an alias that inspects calls to ffmpeg and
> > > > sed:s
> > > > ipfs:// URLs accordingly
> > > 
> > > That sounds like a security nightmare
> > 
> > Parsing shit in C is a far bigger nightmare I can assure you. The
> > command line can leverage sed and the regex in the URL RFC.
> 
> the problem is if you parse it on the command line and change it
> before passing it to ffmpeg. You really need to have ffmpeg and
> the command line parse it 100% exactly the same.

The word you're looking for is langsec. It is why I harp on about being
very strict with what we accept.

/Tomas