Closed Bug 728721 Opened 12 years ago Closed 12 years ago

Use https for iframes and thumbnails.


(Websites :: Firefox Flicks, defect, P2)



(Not tracked)



(Reporter: osmose, Assigned: jfong)



(Whiteboard: [dev])

Since we're serving flicks over https, we need to make sure all content on the page is also served via https. Currently, our iframe embed and thumbnail url are standard HTTP.

Switching the thumbnail url to https causes an untrusted certificate error; we should check with via their support chat to see if they have a url with a valid certificate for thumbnails. I didn't test with the embed, but I suspect a similar issue there as well.
Assignee: nobody → jfong
I talked to support and they currently do not support https. Fred and I talked about it and for now we will leave it as http and let that warning show up. But on a side note, I did update google fonts and gravatar to the https versions.
Fwiw, I am not sure if Firefox even still warns on mixed content, even if you have a pristine profile.

That said, I wish we could fix it, but using https with an invalid cert is worse, as it *will* pop up an error and equally lead to a "broken padlock"[1].

[1] yes, I know there's no padlock icon anymore.
Closed: 12 years ago
Resolution: --- → DUPLICATE
Apologies, this wasn't a dupe. This bug covers the necessary code changes to switch to https when vidly has a proper cert in place.
Depends on: 729973
Resolution: DUPLICATE → ---
If we can get this done for initial launch, fantastic. Otherwise, we can push it in a subsequent release.
Priority: -- → P2
Target Milestone: --- → 1.1
Unblocking for launch since Vidly won't be able to resolve before the end of March. We'll deal with mix-content issues for the time being.
Blocks: 700465
No longer blocks: 720430
Target Milestone: 1.1 → 1.2
Closed: 12 years ago12 years ago
Resolution: --- → FIXED
Verified FIXED; all requests appear to be over HTTPS:

[18:11:46.902] GET [HTTP/1.1 200 OK 328ms]
[18:11:47.428] GET [HTTP/1.1 200 OK 398ms]
[18:11:47.609] GET [HTTP/1.1 200 OK 29ms]
[18:11:48.019] GET [HTTP/1.0 200 OK 70ms]
[18:11:48.023] GET [HTTP/1.0 200 OK 139ms]
[18:11:48.027] GET [HTTP/1.0 200 OK 197ms]
[18:11:48.032] GET [HTTP/1.0 200 OK 206ms]
[18:11:48.296] GET [HTTP/1.0 200 OK 15ms]
[18:11:48.488] GET [HTTP/1.0 200 OK 23ms]
[18:11:48.494] GET [HTTP/1.1 304 Not Modified 75ms]
[18:11:51.768] GET [HTTP/1.1 302 Found 2360ms]
[18:11:54.131] GET [HTTP/1.0 206 Partial Content 244ms]
You need to log in before you can comment on or make changes to this bug.