Since we're serving flicks over https, we need to make sure all content on the page is also served via https. Currently, our vid.ly iframe embed and thumbnail url are standard HTTP. Switching the thumbnail url to https causes an untrusted certificate error; we should check with vid.ly via their support chat to see if they have a url with a valid certificate for thumbnails. I didn't test with the embed, but I suspect a similar issue there as well.
I talked to vid.ly support and they currently do not support https. Fred and I talked about it and for now we will leave it as http and let that warning show up. But on a side note, I did update google fonts and gravatar to the https versions.
Fwiw, I am not sure if Firefox even still warns on mixed content, even if you have a pristine profile. That said, I wish we could fix it, but using https with an invalid cert is worse, as it *will* pop up an error and equally lead to a "broken padlock".  yes, I know there's no padlock icon anymore.
Status: NEW → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 729973
Apologies, this wasn't a dupe. This bug covers the necessary code changes to switch to https when vidly has a proper cert in place.
Status: RESOLVED → REOPENED
Depends on: 729973
Resolution: DUPLICATE → ---
If we can get this done for initial launch, fantastic. Otherwise, we can push it in a subsequent release.
Priority: -- → P2
Target Milestone: --- → 1.1
Unblocking for launch since Vidly won't be able to resolve before the end of March. We'll deal with mix-content issues for the time being.
Commit pushed to develop at https://github.com/mozilla/firefox-flicks https://github.com/mozilla/firefox-flicks/commit/d23703a5236e88eb875e23ca00097091a9b7b67a Switch over vidly embeds and posters to https. fix bug 728721
Status: REOPENED → RESOLVED
Last Resolved: 7 years ago → 7 years ago
Resolution: --- → FIXED
Verified FIXED; all requests appear to be over HTTPS: [18:11:46.902] GET https://firefoxflicks-dev.allizom.org/en-US/video/63 [HTTP/1.1 200 OK 328ms] [18:11:47.428] GET https://vid.ly/embeded.html?link=6q3h9k&autoplay=false [HTTP/1.1 200 OK 398ms] [18:11:47.609] GET https://firefoxflicks-dev.allizom.org/media/img/vote.png [HTTP/1.1 200 OK 29ms] [18:11:48.019] GET https://d132d9vcg4o0oh.cloudfront.net/vid.ly/126.96.36.199/css/video-js.css [HTTP/1.0 200 OK 70ms] [18:11:48.023] GET https://d132d9vcg4o0oh.cloudfront.net/vid.ly/188.8.131.52/js/swfobject.js [HTTP/1.0 200 OK 139ms] [18:11:48.027] GET https://d132d9vcg4o0oh.cloudfront.net/vid.ly/184.108.40.206/js/embeded_video.js [HTTP/1.0 200 OK 197ms] [18:11:48.032] GET https://d132d9vcg4o0oh.cloudfront.net/vid.ly/220.127.116.11/js/run.js [HTTP/1.0 200 OK 206ms] [18:11:48.296] GET https://d132d9vcg4o0oh.cloudfront.net/m.vid.ly/18.104.22.168/js/html5.js?link=6q3h9k&autoplay=false&width=600&height=337 [HTTP/1.0 200 OK 15ms] [18:11:48.488] GET http://cf.cdn.vid.ly/6q3h9k/poster.jpg [HTTP/1.0 200 OK 23ms] [18:11:48.494] GET https://vid.ly/embeded.html?link=6q3h9k&autoplay=false [HTTP/1.1 304 Not Modified 75ms] [18:11:51.768] GET https://vid.ly/6q3h9k?content=video&format=webm [HTTP/1.1 302 Found 2360ms] [18:11:54.131] GET https://d3fenhwk93s16g.cloudfront.net/6q3h9k/webm.webm [HTTP/1.0 206 Partial Content 244ms]
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.