Does this support https?

Waterskiaddict

My forum is hosted on https.

So any youtube, image, etc must also use the https embed as to not display non-secure content.

I tried looking into the .js, and I guess I am a little lost, but I tried this area-

var urlo = (url == document.URL) ? document.location : $('')[0],
            urlp = {
                protocol: urlo.protocol.slice(0, urlo.protocol.length - 1),
                host: urlo.hostname,
                port: urlo.port,
                path: urlo.pathname,
                query: urlo.search,

and

var newel = $(''),
            id = 'YT_'+ hash +'_'+ (new Date).getTime();
        newel.attr('height', height);
        newel.attr('src', 'https://www.youtube.com/embed/'+ hash +'?rel=0&autoplay=1&theme=light&enablejsapi=1&width='+width+'&height='+height);

swook

Hullo @Waterskiaddict,

This issue should be resolved now with version 0.2.8.

Sorry it took a while, I do not receive notifications from this plugin page.

If you have any future problems, please poke it at me via https://github.com/swook/Mediator/issues.

Thanks!

Waterskiaddict

Thanks for getting back to me, @swook

I updated the plugin on my site, and it still seems to use an http:// youtube embed which causes an unsecure content warning and the embed to fail on my forums that are hosted on https.

Here is a look at the embed code it produced
http://pastebin.com/zjiXkWhc

Thank you in advance for your assistance and for providing this plugin.

vrijvlinder

You can just add the s after https manually when you paste the link.
https:// www.youtube.com/watch?v=5WXYw4J4QOU

I suppose what you want is for the plugin to replace http with https ? I am not sure that this plugin does that. You have the option of copying the https version of the link and embed on youtube. I would think that is what you need because that is the original source that the message is talking about.

So what you need is something that changes all the links to images or content from external sources that don't have https , to https. Because this will happen with images as well as videos . Or any sources using http (non encrypted)

I would not worry about the message though, you know the sources are safe.

vrijvlinder

You may be able to use rewrite rules to make the urls that are not https to be so

To use Apache mod_rewrite to control whether a page is served via http or https. Here's an example  from a site's root directory .htaccess file:

# Redirect most reqests for http to https
RewriteRule ^http://www.youtube.com(.*) https://www.youtube.com$1 [R=301,NC]

# Allow some URIs to be https if requested
RewriteCond   %{SERVER_PORT}  ^443$
RewriteCond   %{REQUEST_URI}  !^/images/(.*)$
RewriteCond   %{REQUEST_URI}  !^/scripts/(.*)$
RewriteCond   %{REQUEST_URI}  !^/styles/(.*)$
RewriteCond   %{REQUEST_URI}  !^/store(.*)$
RewriteCond   %{REQUEST_URI}  !^/login.htm$
RewriteRule ^(.*) http://www.youtube.com/$1 [L,R]

# Force some URIs to be https only
RewriteCond   %{SERVER_PORT}  ^80$
RewriteRule ^store(.*) https://www.youtube.com/store$1 [L,R]

RewriteCond   %{SERVER_PORT}  ^80$
RewriteRule ^FormSanityKey.htm https://www.youtube.com/login$1 [L,R]\\

http://httpd.apache.org/docs/2.0/mod/mod_rewrite.html

swook

@Waterskiaddict,

Sorry this reply is very late. I had gotten frightfully busy in the past few weeks and forgot about this thread.

As for your issue, the code at http://pastebin.com/zjiXkWhc is not generated by my plugin.

You may have to disable Vanilla's embedding as mentioned by @x00 at http://vanillaforums.org/discussion/23067/how-did-you-get-html5-video-there#Comment_177151 (Thank you btw x00)