miles64

Awesome, thanks for this!

In case anyone else has the same issue I had:

I had the same issue (player not loading) and the first thing I did was to disable adblock, this did not fix the issue for me, however oddly enough disabling the HTTPS Everywhere extension made it work. I tried with /chat/ during UPF, and when the extensions is enabled, Chrome rejects the following requests from the page:
https://fast.cbsi.demdex.net/dest4.html?d_nsid=0 -> net::ERR_INSECURE_RESPONSE
http://d.pzkysq.pink/adblockr.javascript?z=1121155664 -> net::ERR_BLOCKED_BY_CLIENT
http://vidtech.cbsima.com/ads/cnvideo?cid=98295&adnum=1 -> net::ERR_BLOCKED_BY_CLIENT
The last two is adblock (it's OK I have premium :P), but the first one is due to HTTPS Everywhere forcing HTTPS for that request, and there's a problem with their cert (NET::ERR_CERT_COMMON_NAME_INVALID). When the extensions is disabled, that request is done through HTTP which of course goes through, and the player loads and works fine (even with adblock blocking the other two requests). It seems to be "Adobe AudienceManager" which apparently is needed for the player to work for some reason.

Demdex.net seems to be owned by Adobe so I doubt this issue can be fixed from our side :(

My stupidity knows no bounds. I used the wrong username. It actually works fine :D Although it's very interesting that I have to use a different username for the http auth then for the website. Maybe it's because I was registered on Whiskey originally?

Basically, it seems like authenticating through the website works fine:

[tbyte@arch shm]$ rm cookie output;token=$(curl -s -S -b cookie -c cookie https://auth.giantbomb.com/login/ | grep token | sed -e 's/.*token."[ ]value[=]"\(.*\)".*/\1/g');curl -s -S -b cookie -c cookie -L -i -d 'form[_username]=miles64' -d form[_password]=‘xxxxxxxx’ -d 'form[_target_path]=/login/?login=success' -d "form[_token]=$token" 'https://auth.giantbomb.com/check-login/' > /dev/null;curl -s -S -b cookie -c cookie http://www.giantbomb.com/videos/feed/hd/8/

<?xml version="1.0" encoding="UTF-8"?>

<rss xmlns:itunes="http://www.itunes.com/dtds/podcast-1.0.dtd" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:media="http://search.yahoo.com/mrss/" version="2.0">

<channel xmlns:itunes="http://www.itunes.com/dtds/podcast-1.0.dtd" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:media="http://search.yahoo.com/mrss/">

<title>Giant Bomb - Features - [hd]</title>

<link>http://auth.giantbomb.com/videos/feed/</link>

<copyright>2007 - CBS Interactive</copyright>

<language>en-us</language>

<itunes:subtitle xmlns:itunes="http://www.itunes.com/dtds/podcast-1.0.dtd">This is a subscriber only feed for videos on Giant Bomb</itunes:subtitle>

<itunes:author xmlns:itunes="http://www.itunes.com/dtds/podcast-1.0.dtd">Giant Bomb</itunes:author>

<itunes:summary xmlns:itunes="http://www.itunes.com/dtds/podcast-1.0.dtd">This is a subscriber only feed for videos on Giant Bomb</itunes:summary>

<description>This is a subscriber only feed for videos on Giant Bomb</description>

<atom:link xmlns:atom="http://www.w3.org/2005/Atom" href="http://auth.giantbomb.com/videos/feed/" rel="self" type="application/rss+xml"/>

<itunes:owner xmlns:itunes="http://www.itunes.com/dtds/podcast-1.0.dtd">

<itunes:name>Giant Bomb</itunes:name>

<itunes:email>bombcast@giantbomb.com</itunes:email>

</itunes:owner>

But HTTP authentication doesn't work:

[tbyte@arch shm]$ curl -s -S -i -u 'miles64:xxxxxxxx' 'http://www.giantbomb.com/videos/feed/hd/8/'

HTTP/1.1 401 Unauthorized

Cache-Control: no-cache

Content-Type: text/plain; charset=utf-8

Date: Fri, 27 Dec 2013 09:18:21 GMT

Server: nginx/1.0.15

Set-Cookie: PHPSESSID=xxxxxxxx; path=/; domain=.giantbomb.com

Set-Cookie: device_view=not_mobile; expires=Mon, 27-Jan-2014 08:00:00 GMT; path=/; httponly

WWW-Authenticate: Basic realm="Subscriber Area"

X-Powered-By: PHP/5.4.17

Content-Length: 22

Connection: keep-alive

Authorization required

Removed the passwords/session ID from the post but obviously I used the same password.

Same here, I'm getting the feed parsed by Firefox fine, but iTunes/other podcatchers don't authenticate. Same with http://www.giantbomb.com/videos/feed/mobile/.

btw, there are no certainties in life. people need to take managed risks in order to grow. is there anything protecting GB completely from interference from CBSi? most likely there isn't, unless the CBSi guys are beyond retarded, I mean then technically there would be nothing stopping this site to put up illegal material and CBSi as a parent company would be held responsible ultimately - it isn't realistic that a major corporation would sign something like this. but there was also not a damn thing protecting them from interference from Shelby Bonnie either.

remember Jeff talking about how there were multiple other 'bidders' for GB but they didn't go with them? this is what he was talking about. they took a hard look at all of them, and decided that a company like BB would carry a far higher risk than CBSi when it comes to interfering with content. considering the apocalyptic shitstorm gamespot went through in 2007, I'm in really serious doubts that there's any risk on this front btw. but even if there was, like I said, they can always bail.

@Marokai: I said this in another thread, but CBSi bought GB, not Jeff or Ryan or anyone else. Unless you think that these guys lost integrity since 2007 (which would be pretty ridiculous), then wouldn't it make more sense for them to bail if CBSi started pulling shenanigans? They've done the same when management last tried to fuck with their creative control, and founded this website. Btw, when this happened, the content they produced was still beyond awesome. Unless you can give me a good reason why, after 15 odd years they'd lose their passion and integrity for this line of work all of a sudden, I don't have any reason to expect them to do anything but either produce the same or better quality content than before, or bail and become independent again.

man I wish I could switch cell providers halfway through my term because they got a new CEO.

@MKHavoc: well I can sort of understand the reason, I mean it's not like they need the money now that they're owned by one of the biggest corporations on the planet, so might as well support someone else who actually needs the money. for myself, I think $5/mo is worth it simply for the extra vids. hell, I'd pay $10 for jar time alone. but certainly that 'supporting the indie game site' feel is gone.

make a thread about it