Closed
Bug 728721
Opened 12 years ago
Closed 12 years ago
Use https for vid.ly iframes and thumbnails.
Categories
(Websites :: Firefox Flicks, defect, P2)
Websites
Firefox Flicks
Tracking
(Not tracked)
VERIFIED
FIXED
1.2
People
(Reporter: osmose, Assigned: jfong)
References
Details
(Whiteboard: [dev])
Since we're serving flicks over https, we need to make sure all content on the page is also served via https. Currently, our vid.ly iframe embed and thumbnail url are standard HTTP. Switching the thumbnail url to https causes an untrusted certificate error; we should check with vid.ly via their support chat to see if they have a url with a valid certificate for thumbnails. I didn't test with the embed, but I suspect a similar issue there as well.
|
Assignee | |
Updated•12 years ago
|
Assignee: nobody → jfong
|
|
Assignee | |
Comment 1•12 years ago
|
||
I talked to vid.ly support and they currently do not support https. Fred and I talked about it and for now we will leave it as http and let that warning show up. But on a side note, I did update google fonts and gravatar to the https versions.
|
||
Comment 2•12 years ago
|
||
Fwiw, I am not sure if Firefox even still warns on mixed content, even if you have a pristine profile. That said, I wish we could fix it, but using https with an invalid cert is worse, as it *will* pop up an error and equally lead to a "broken padlock"[1]. [1] yes, I know there's no padlock icon anymore.
|
|
||
Updated•12 years ago
|
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → DUPLICATE
|
|
||
Comment 4•12 years ago
|
||
Apologies, this wasn't a dupe. This bug covers the necessary code changes to switch to https when vidly has a proper cert in place.
|
||
Comment 5•12 years ago
|
||
If we can get this done for initial launch, fantastic. Otherwise, we can push it in a subsequent release.
Priority: -- → P2
Target Milestone: --- → 1.1
|
|
||
Comment 7•12 years ago
|
||
Unblocking for launch since Vidly won't be able to resolve before the end of March. We'll deal with mix-content issues for the time being.
|
Reporter | |
Updated•12 years ago
|
Target Milestone: 1.1 → 1.2
|
||
Comment 8•12 years ago
|
||
Commit pushed to develop at https://github.com/mozilla/firefox-flicks https://github.com/mozilla/firefox-flicks/commit/d23703a5236e88eb875e23ca00097091a9b7b67a Switch over vidly embeds and posters to https. fix bug 728721
|
|
||
Updated•12 years ago
|
Status: REOPENED → RESOLVED
Closed: 12 years ago → 12 years ago
Resolution: --- → FIXED
|
||
Comment 9•12 years ago
|
||
Verified FIXED; all requests appear to be over HTTPS: [18:11:46.902] GET https://firefoxflicks-dev.allizom.org/en-US/video/63 [HTTP/1.1 200 OK 328ms] [18:11:47.428] GET https://vid.ly/embeded.html?link=6q3h9k&autoplay=false [HTTP/1.1 200 OK 398ms] [18:11:47.609] GET https://firefoxflicks-dev.allizom.org/media/img/vote.png [HTTP/1.1 200 OK 29ms] [18:11:48.019] GET https://d132d9vcg4o0oh.cloudfront.net/vid.ly/1.0.0.15/css/video-js.css [HTTP/1.0 200 OK 70ms] [18:11:48.023] GET https://d132d9vcg4o0oh.cloudfront.net/vid.ly/1.0.0.15/js/swfobject.js [HTTP/1.0 200 OK 139ms] [18:11:48.027] GET https://d132d9vcg4o0oh.cloudfront.net/vid.ly/1.0.0.15/js/embeded_video.js [HTTP/1.0 200 OK 197ms] [18:11:48.032] GET https://d132d9vcg4o0oh.cloudfront.net/vid.ly/1.0.0.15/js/run.js [HTTP/1.0 200 OK 206ms] [18:11:48.296] GET https://d132d9vcg4o0oh.cloudfront.net/m.vid.ly/1.0.0.26/js/html5.js?link=6q3h9k&autoplay=false&width=600&height=337 [HTTP/1.0 200 OK 15ms] [18:11:48.488] GET http://cf.cdn.vid.ly/6q3h9k/poster.jpg [HTTP/1.0 200 OK 23ms] [18:11:48.494] GET https://vid.ly/embeded.html?link=6q3h9k&autoplay=false [HTTP/1.1 304 Not Modified 75ms] [18:11:51.768] GET https://vid.ly/6q3h9k?content=video&format=webm [HTTP/1.1 302 Found 2360ms] [18:11:54.131] GET https://d3fenhwk93s16g.cloudfront.net/6q3h9k/webm.webm [HTTP/1.0 206 Partial Content 244ms]
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•