Open directly from an URL

Effects, Recipes, Interfacing with other software, etc.
Forum rules
If you require help using Audacity, please post on the forum board relevant to your operating system:
Windows
Mac OS X
GNU/Linux and Unix-like
steve
Site Admin
Posts: 81955
Joined: Sat Dec 01, 2007 11:43 am
Operating System: Linux *buntu

Re: Open directly from an URL

Post by steve » Sun Jul 11, 2021 8:14 pm

Paul2 wrote:
Sun Jul 11, 2021 6:56 pm
Just because code can be hidden/included in a wav (or other audio file), does not present a danger.
Not necessarily true.

ASF files can contain script commands that are run automatically by Windows Media Player (See: https://docs.microsoft.com/en-gb/window ... dfrom=MSDN). Even if such scripts can't do anything directly dangerous, they could still trick users into doing something dangerous. One example is described here: https://isc.sans.edu/diary/Scripts+in+ASF+files/4355

A more common risk with downloaded audio files comes from the fact that Windows and macOS hide the file extension by default, thus an executable file can be made to look like an audio file:
"Rare recording.mp3.exe" may look like "Rare recording.mp3"
Given that many people play audio files by double clicking on the audio file, there's an obvious danger.


Having said that, I think there are more likely reasons to not download files directly into Audacity.
  • Whereas a music player can start playing a file before it has finished downloading, it would be a fatal error if Audacity tried to apply an effect to a file before the download completed.
  • Normally Audacity works on a copy of the file that is being edited. This adds a level of safety in that no matter what goes wrong, the original version of the imported file is not affected. This would not be the case when downloading directly into Audacity. Say that you had just bought an album from Amazon and downloaded directly into Audacity, then for some reason Audacity crashed. You could potentially lose your one and only copy of the album, and would have to buy it again. (No doubt you would download it safely the second time before importing it into Audacity - but better if you had done that the first time).
  • Audacity does not act directly on audio files. Audacity acts on blocks of 32-bit audio data (called "blockfiles") that have been recorded or copied from a file. Audacity would still need to copy the audio data and convert it into "blockfiles" before it could be worked on.
When all is considered, I don't see much advantage in downloading directly into Audacity, but I do see increased risk, and the possibility that Audacity could be accused of encouraging making pirate copies of copyrighted material. Unless Audacity implemented DRM (which is problematic for open source software and likely to be extremely unpopular), I expect that there would be some degree of legal jeopardy.
9/10 questions are answered in the FREQUENTLY ASKED QUESTIONS (FAQ)

steve
Site Admin
Posts: 81955
Joined: Sat Dec 01, 2007 11:43 am
Operating System: Linux *buntu

Re: Open directly from an URL

Post by steve » Sun Jul 11, 2021 8:18 pm

Paul2 wrote:
Sun Jul 11, 2021 8:14 pm
The OP also specifically mentioned downloading from YouTube,
That would be a direct breach of YouTube's terms of service.

https://www.youtube.com/static?template=terms
The following restrictions apply to your use of the Service. You are not allowed to:

1. access, reproduce, download, distribute, transmit, broadcast, display, sell, license, alter, modify or otherwise use any part of the Service or any Content except: (a) as specifically permitted by the Service; (b) with prior written permission from YouTube and, if applicable, the respective rights holders; or (c) as permitted by applicable law;
(highlighting mine)
9/10 questions are answered in the FREQUENTLY ASKED QUESTIONS (FAQ)

Paul2
Posts: 225
Joined: Wed Sep 04, 2019 1:17 pm
Operating System: macOS 10.15 Catalina or later

Re: Open directly from an URL

Post by Paul2 » Sun Jul 11, 2021 8:30 pm

ASF files can contain script commands that are run automatically by Windows Media Player
Then WMP is even worse than I thought, and in one of my previous posts I specifically asked/wondered why
people still put themselves at risk using WMP.
WMV and WMA files are terrible things, I have been in the TV business (and before that in radio) for many, many
years and have never had to deal with those codecs.
I still maintain that the article that trebor linked to, is alarmist, as 99% of media files pose no threat.
That is certainly true of the most common, wav, mp3, mov, mp4, ......
That would be a direct breach of YouTube's terms of service.
Yes it would, but like it or not, people do it.
I don't think it's Audacity's place to play policeman.
By all means include a warning and disclaimer and let the individual decide.

Bottom line is, in today's ever more connected and "online" world, more and more media will arrive by direct downloads.

I personally have no use for downloading something directly with Audacity, but can understand that others would find it
useful and probably shorten/simplify their workflows.

As to the default hiding of extensions, yes that is true and quite dumb in my opinion.
Users have to take some responsibility when using a tool like a computer, just like an electric drill, hammer etc.
Part of that responsibility is at least having a basic knowledge of some dangers and pitfalls when it comes to files.
To hold back a feature or addition just to protect the lowest common denominator is certainly not progress.

EDIT:
Unless Audacity implemented DRM (which is problematic for open source software and likely to be extremely unpopular), I expect that there would be some degree of legal jeopardy.
Are you sure Steve?
Surely then the same applies to any downloader including VLC, wget and all web browsers.

The other point you made about Audacity crashing if applying an effect when the file has not fully downloaded, is very valid.
However that could be overcome in code, by checking for a completed download first.

steve
Site Admin
Posts: 81955
Joined: Sat Dec 01, 2007 11:43 am
Operating System: Linux *buntu

Re: Open directly from an URL

Post by steve » Sun Jul 11, 2021 10:19 pm

Paul2 wrote:
Sun Jul 11, 2021 8:30 pm
Yes it would, but like it or not, people do it.
I don't think it's Audacity's place to play policeman.
By all means include a warning and disclaimer and let the individual decide
I think that to get it to work with YouTube would be for Audacity to pretend to be a web browser, and so trick the YouTube server into delivering content that should be served to someone watching the content in a web browser. I'm not a lawyer, but in my opinion that would take Audacity beyond "condoning" illegal copying, that would take Audacity into "aiding and abetting".

On the other hand, direct download "could" be made possible from sources that support legal downloading of content. Whether or not there's demand for that, I don't know.
9/10 questions are answered in the FREQUENTLY ASKED QUESTIONS (FAQ)

Paul2
Posts: 225
Joined: Wed Sep 04, 2019 1:17 pm
Operating System: macOS 10.15 Catalina or later

Re: Open directly from an URL

Post by Paul2 » Sun Jul 11, 2021 10:35 pm

I think that to get it to work with YouTube would be for Audacity to pretend to be a web browser, and so trick the YouTube server into delivering content that should be served to someone watching the content in a web browser.
Were are getting into semantics here as to what constitutes a web browser.
A web browser itself, does not download anything, it simply "decodes" the data and displays it or plays it.
There is other code in the browser that deals with the actual download, if Audacity used the same (or similar) code, well......

Over and above, what about software like wget?
It has an option to allow a user to change the "User Agent".
(For those that don't know, the "User Agent" is some text that identifies your browser to websites).

For example, a very common "User Agent" for people using Chrome on Mac is:

Code: Select all

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4188.121 Safari/637.36
An example of changing the "User Agent":
(Simulating IE 6 on Windows NT 5.1 (In other words Win XP)

Code: Select all

$ wget -U "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" "http://www.SomeSiteYouAreVisiting.com"
The fact that a user may change the "User Agent", is entirely the individuals doing and nothing to do with wget, or Audacity or any other software.

If it was a problem, the people that coded wget, would have been in hot water a long time ago.

BTW, VLC and even Chrome, let you modify the "User Agent", you just have to know where to do it. ;)
I don't see them being sued.

To use an example, it's like authorities trying to ban the sale of wire cutters, because some people may use them to cut a fence
and break into a property.
Or, ban printers because they can be used to print false documents.

People use (and abuse) tools all the time, the use and responsibility lies with the user.

There are thousands of sites that allow direct downloads and thousands of legitimate reasons why someone may
want to download them.
The fact that some people may use a feature to do something they shouldn't, well that is their problem
and not that of the creators or coders.

richaardvark
Posts: 12
Joined: Fri Apr 02, 2021 11:48 am
Operating System: Linux Debian

Re: Open directly from an URL

Post by richaardvark » Mon Jul 12, 2021 12:27 am

lol... Just to clarify here: as I stated in my earlier post I am NOT suggesting Audacity be able to directly import/extract audio from YouTube video links:
richaardvark wrote:
Sun Jul 11, 2021 4:00 pm
I'm not saying someone should be able to paste a YouTube video URL and have the audio instantly imported into Audacity...
I just want to be able to open a file from a URL. Apparently this functionality is already built-into Windows File Explorer and one can type an HTTP URL into the location bar in the File Open dialogue (I will have to get on my Windows machine and test this). This lets Windows itself manage the actual downloading of the file/scanning for any potential malware.

Apparently this type of file management operation (opening from an HTTP URL source) is also available/built-in to many distributions of Linux, which use GtkFileChooser as the file open/file management interface, but it is up to the application developer whether or not this feature has been supported/activated. I tried typing a direct .mp3 file URL into the "File Import/Open" dialog that appears in Audacity on Linux and it seems the feature has not been supported or activated. ​Here are a couple of links referencing this functionality:
Trebor wrote:
Sun Jul 11, 2021 5:25 pm
richaardvark wrote:
Sun Jul 11, 2021 4:00 pm
... If adding a few lines of simple code to implement this feature of being able to quickly open an audio file from an internet source still worries you so much about content potentially being copyrighted, then add a simple one-sentence disclaimer warning that "material from the Internet may be copyright protected content ...
There is also the issue of security: malware can be packaged with/in audio, e.g. ...
https://www.infopackets.com/news/10642/ ... udio-files
If you have Audacity whitelisted in your antivirus to make it run more reliably,
then a download direct into Audacity would be unchecked. :shock:
Couldn't there potentially be the same type of bundled malware in any file opened from anywhere? If someone sends me a file on Google Drive, or via email, it could still potentially come bundled along with malicious code. It's true that Google Drive/many modern email programs have built-in detection and file scanning features for malware, but not everyone uses these features or has them. And I also agree that they're not likely to be executed if the file content is simply turned into audio bits/blocks.
steve wrote:
Sun Jul 11, 2021 8:14 pm
[Having said that, I think there are more likely reasons to not download files directly into Audacity.
  • Whereas a music player can start playing a file before it has finished downloading, it would be a fatal error if Audacity tried to apply an effect to a file before the download completed.
  • Normally Audacity works on a copy of the file that is being edited. This adds a level of safety in that no matter what goes wrong, the original version of the imported file is not affected. This would not be the case when downloading directly into Audacity. Say that you had just bought an album from Amazon and downloaded directly into Audacity, then for some reason Audacity crashed. You could potentially lose your one and only copy of the album, and would have to buy it again. (No doubt you would download it safely the second time before importing it into Audacity - but better if you had done that the first time).
  • Audacity does not act directly on audio files. Audacity acts on blocks of 32-bit audio data (called "blockfiles") that have been recorded or copied from a file. Audacity would still need to copy the audio data and convert it into "blockfiles" before it could be worked on.
These are valid points, but as I stated in my original post I would expect Audacity would work from a copy/temp/cached version of the file and not directly with the file itself. And most (all?) media files accessed via a URL link (a generic example) are going to be read-only anyway...
steve wrote:
Sun Jul 11, 2021 8:14 pm
When all is considered, I don't see much advantage in downloading directly into Audacity, but I do see increased risk, and the possibility that Audacity could be accused of encouraging making pirate copies of copyrighted material. Unless Audacity implemented DRM (which is problematic for open source software and likely to be extremely unpopular), I expect that there would be some degree of legal jeopardy.
This is a standard feature on so many other applications. I'm sure there is generic language available for a "Legal/TOS" read-me file that can be used to protect Audacity from any liability. I"m not asking for Audacity to load and convert YouTube videos and then extract the audio. I just want to be able to directly open (or I guess I should say load a copy of) a media file from an HTTP location. If the file format isn't one of the five or six common audio/media file formats than there can be an error message stating that this provided URL is not a direct link to a supported audio file (as I also mentioned initially). This feature/function is no different from the current "File --> Import..." functionality/feature of Audacity. I can just as easily access copyrighted material from a local file.

steve
Site Admin
Posts: 81955
Joined: Sat Dec 01, 2007 11:43 am
Operating System: Linux *buntu

Re: Open directly from an URL

Post by steve » Mon Jul 12, 2021 9:04 am

richaardvark wrote:
Mon Jul 12, 2021 12:27 am
Just to clarify here: as I stated in my earlier post I am NOT suggesting Audacity be able to directly import/extract audio from YouTube video links:
Yes I saw that, and I agree that it is an important distinction from the original post.

I would expect that the developer's answer to the original post would be "no", simply on the grounds of potential exposure to being sued. The law in the US is very clear that "it is illegal to make a copy of content if you do not have the permission of the copyright owner". It is very unlikely that a company would go after an individual for illegally downloading copyrighted material without permission - more likely they would go after a company that they see to be implicated in the activity (as happened with mp3.com).

richaardvark wrote:
Mon Jul 12, 2021 12:27 am
Apparently this type of file management operation (opening from an HTTP URL source) is also available/built-in to many distributions of Linux,
That depends on the file browser. That functionality is not present in Thunar (there may be a plug-in available to add that feature, but I've not looked). I believe that Nautilus file browser (the default for Gnome Desktop) has this feature by default, and also optional plug-ins for integration with dropbox and other cloud storage.

richaardvark wrote:
Mon Jul 12, 2021 12:27 am
I would expect Audacity would work from a copy/temp/cached version of the file and not directly with the file itself.
The obvious way to implement this would be:
1. Download the URL target somewhere
2. Import the downloaded file in the normal way.

Personally I don't see much benefit to that at present. I'd rather just download the file to a location of my choosing (using one of the many tools available on my computer, such as Firefox web browser), and then import the downloaded file. I'm not a fan of the "everything and the kitchen sink" approach to software development, mostly because it frequently leads to "bloatware". I tend to prefer the approach "do one job well".
9/10 questions are answered in the FREQUENTLY ASKED QUESTIONS (FAQ)

richaardvark
Posts: 12
Joined: Fri Apr 02, 2021 11:48 am
Operating System: Linux Debian

Re: Open directly from an URL

Post by richaardvark » Fri Jul 16, 2021 6:28 pm

steve wrote:
Mon Jul 12, 2021 9:04 am
richaardvark wrote:
Mon Jul 12, 2021 12:27 am
Just to clarify here: as I stated in my earlier post I am NOT suggesting Audacity be able to directly import/extract audio from YouTube video links:
Yes I saw that, and I agree that it is an important distinction from the original post.

I would expect that the developer's answer to the original post would be "no", simply on the grounds of potential exposure to being sued. The law in the US is very clear that "it is illegal to make a copy of content if you do not have the permission of the copyright owner". It is very unlikely that a company would go after an individual for illegally downloading copyrighted material without permission - more likely they would go after a company that they see to be implicated in the activity (as happened with mp3.com).

richaardvark wrote:
Mon Jul 12, 2021 12:27 am
Apparently this type of file management operation (opening from an HTTP URL source) is also available/built-in to many distributions of Linux,
That depends on the file browser. That functionality is not present in Thunar (there may be a plug-in available to add that feature, but I've not looked). I believe that Nautilus file browser (the default for Gnome Desktop) has this feature by default, and also optional plug-ins for integration with dropbox and other cloud storage.

richaardvark wrote:
Mon Jul 12, 2021 12:27 am
I would expect Audacity would work from a copy/temp/cached version of the file and not directly with the file itself.
The obvious way to implement this would be:
1. Download the URL target somewhere
2. Import the downloaded file in the normal way.

Personally I don't see much benefit to that at present. I'd rather just download the file to a location of my choosing (using one of the many tools available on my computer, such as Firefox web browser), and then import the downloaded file. I'm not a fan of the "everything and the kitchen sink" approach to software development, mostly because it frequently leads to "bloatware". I tend to prefer the approach "do one job well".
Just wanted to say I value and understand/respect your feedback here and appreciate your taking the time to offer it :)

steve
Site Admin
Posts: 81955
Joined: Sat Dec 01, 2007 11:43 am
Operating System: Linux *buntu

Re: Open directly from an URL

Post by steve » Fri Jul 16, 2021 7:02 pm

richaardvark wrote:
Fri Jul 16, 2021 6:28 pm
Just wanted to say I value and understand/respect your feedback here and appreciate your taking the time to offer it :)
You're welcome, and I trust that you understand that my response included a good amount of personal opinion ;)


It occurs to me that it would be fairly simple to write a Python script to download a file and then open it in Audacity. When launched from a command line, Audacity may be passed an optional file path. That tells Audacity to import the specified audio file after launch. So a Python script would just need to download a file somewhere, wait for the download to complete, then pass a command to the operating system:

Code: Select all

audacity path-to-downloaded-file
9/10 questions are answered in the FREQUENTLY ASKED QUESTIONS (FAQ)

Post Reply