diff --git a/resources/tokenisation/minter/token_validate.lua b/resources/tokenisation/minter/token_validate.lua
--- a/resources/tokenisation/minter/token_validate.lua
+++ b/resources/tokenisation/minter/token_validate.lua
#
@@ -10,6 +10,10 @@ local string = string
#
local sha256 = require "lib.sha256"
#
+local excluded_paths = {'resources/embed/'}
#
local function mint_token(path,expires,ip,secret)
#
local mint = {path,expires,ip}
#
local mintstr = table.concat(mint,':')
#
@@ -32,6 +36,17 @@ local function getPath(str,sep)
#
return str:match("(.*"..sep..")")
#
+function table.contains(table, element)
#
+ -- From https://stackoverflow.com/questions/2282444/how-to-check-if-a-table-contains-an-element-in-lua
#
+ for _, value in pairs(table) do
#
+ if value == element then
#
local function bakeTokenCookie(name,value,path,expires)
#
-- Return a string like
#
-- foo=value; Path=/foo/bar/sed; Expires=Jan 1st 2011
#
@@ -53,6 +68,14 @@ secret = ngx.var.secret
#
cookiename = sha256.sha256(vidpath)
#
+if table.contains(excluded_paths,vidpath)
#
+ -- We don't enforce tokens for this file
#
-- ngx.header['X-Tk-Debug'] = 'Validating for ip ' .. ip .. ' and path ' .. vidpath
#
local provided = ngx.var.arg_t
#
local expires = tonumber(ngx.var.arg_e)