How to play DRM-protected videos using Shaka Player


Shaka Player is an open-source JavaScript library used to play adaptive media formats, such as DASH and HLS, in a web browser. It does not use plugins or Flash and instead relies on open web standards MediaSource Extensions and Encrypted Media Extensions. It also supports offline storage and media playback with the help of IndexedDB. While content can be stored on any browser, storage of licenses depends on browser support.

Without DRM configuration, Shaka Player can only play clear content. In order to enforce DRM video protection, the application must give the URL(s) of its license server(s) to Shaka Player. This has been made simple with the help of  player.configure() and the drm.servers is an object that maps key system IDs to server URLs. Shaka Player is key-system-agnostic. That is, it does not prefer any key-system(s) in particular and uses EMEs to ask the browser what it supports. In case the browser supports multiple key systems, the first supported system in the manifest is used.

DRM video protection implements an interoperable encryption standard called Common Encryption (CENC). Shaka Player supports CENC content playback via Google Widevine and PlayReady and HLS content via FairPlay. The EME specification requires browsers to support a common key system called “Clear Key,” which uses unencrypted keys to decrypt CENC content. The field drm.clearKeys is used to configure Clear Key and a map of the key IDs to content keys is provided. If the manifest specifies Clear Key, the JSON-based license request format and license format for the Clear Key CDM, which are defined by the EME spec, can be used to retrieve the keys.

Advanced options available in Shaka Player can be used to access the full EME configuration. The config field drm.advanced is used for advanced requirements, such as hardware security in Widevine. The security of the content can be defined by the “robustness” field, which is a key-system-specific string that specifies requirements for successful playback. Each key system has its own values for robustness while the default is the empty string, which is the lowest security level supported by the key system.