Is it really effective to encrypt HLS with AES-128 by converting the video to m3u8?

After reading the converted m3u8 file, each TS slice has a url pointing to the obtained plaintext, as shown in the following code: {code ...} the plaintext can be obtained through test.com. Is the encryption secure? I do not need to read the converted m3u8 file for every user requesting test.com. Each TS slice has a url pointing to the obtained plaintext, as shown in the following code:

#EXT-X-KEY:METHOD=AES-128,URI="http://test.com",IV=0x9e7aaacac3e30732d4104caba7e9cff0#EXTINF:41.400000,/ElPSJkBWCffXykHUXYjBDg_ulrg=/lj3yTkLXOzp4wb5rm397sDhH2BLR/000000.ts

Passhttp://test.comThe plaintext can be obtained. Is the encryption secure?

I do not needhttp://test.comFor example, if the request from qiniu is passed, but not qiniu, it will not pass.

So how do I know that the request is qiniu? What other methods can be used to improve security. .

Reply content:

After reading the converted m3u8 file, each TS slice has a url pointing to the obtained plaintext, as shown in the following code:

#EXT-X-KEY:METHOD=AES-128,URI="http://test.com",IV=0x9e7aaacac3e30732d4104caba7e9cff0#EXTINF:41.400000,/ElPSJkBWCffXykHUXYjBDg_ulrg=/lj3yTkLXOzp4wb5rm397sDhH2BLR/000000.ts

Passhttp://test.comThe plaintext can be obtained. Is the encryption secure?

I do not needhttp://test.comFor example, if the request from qiniu is passed, but not qiniu, it will not pass.

So how do I know that the request is qiniu? What other methods can be used to improve security. .

The http://test.com address is not from qiniu. Instead, your client initiates a request from the browser when accessing this video.
In this way, you need to verify the customer's identity. If it is an illegal user, access is prohibited.