Hey all, was watching the Women’s hockey game last night (Go Canada!) on the nbcolympics.com site. They have a 30 minute counter that at the end says you have to “quickly verify” your cable provider to continue watching. Makes sense. (I don’t have cable, and I’m a web developer)
Watched the first 30 minutes on Chrome incognito. Then cleared the cache/cookies/whatever and refreshed I figured it’d let me watch more. But it didn’t—it somehow remembered I’d already watched the 30 minutes. Thought they might check for IP? Switched to Opera privacy mode. Tooled around with VPN to see if it would work. It did, and gave me another 30 minute window to watch. Great, it worked! After those 30 minutes were up, it asked to verify again. I cleared the cache/data in Opera, reloaded the page, and it somehow still knew I’d watched it already. Since I use Opera mainly for testing my own code, I quickly deleted and reinstalled the browser (Mac OS Sierra), and the stream worked again. So I think somehow they were able to do some kind of cross-site thing to track your views. Without localstorage or cookies, how does that even work? How can they track your activity without storing something in your browser session, unless it’s store elsewhere? It’s definitely related to your browser’s installed instance, so maybe they’re installing something into your browser? Very odd, and need help understanding how it works. Thanks!
It uses Adobe Auth, presumably: (https://www.adobe.com/marketing-cloud/primetime/authentication.html).
And authenticates using a URL: https://sp.auth.adobe.com/adobe-services/authenticate/saml?noflash=true&mso_id=TempPass_5min&requestor_id=NBCOlympics&no_iframe=false&domain_name=adobe.com&redirect_url=http%3A%2F%2Fstream.nbcolympics.com%2Fhockey-womens-prelims-united-states-vs-canada