Closed Bug 728721 Opened 13 years ago Closed 13 years ago

Use https for vid.ly iframes and thumbnails.

Categories

(Websites :: Firefox Flicks, defect, P2)

Product:
Websites
Component:
Firefox Flicks
Type:
defect

Tracking

(Not tracked)

Status:
VERIFIED FIXED

People

(Reporter: osmose, Assigned: jfong)

References

Details

(Whiteboard: [dev])

Since we're serving flicks over https, we need to make sure all content on the page is also served via https. Currently, our vid.ly iframe embed and thumbnail url are standard HTTP. Switching the thumbnail url to https causes an untrusted certificate error; we should check with vid.ly via their support chat to see if they have a url with a valid certificate for thumbnails. I didn't test with the embed, but I suspect a similar issue there as well.
Assignee: nobody → jfong
I talked to vid.ly support and they currently do not support https. Fred and I talked about it and for now we will leave it as http and let that warning show up. But on a side note, I did update google fonts and gravatar to the https versions.
Fwiw, I am not sure if Firefox even still warns on mixed content, even if you have a pristine profile. That said, I wish we could fix it, but using https with an invalid cert is worse, as it *will* pop up an error and equally lead to a "broken padlock"[1]. [1] yes, I know there's no padlock icon anymore.
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → DUPLICATE
Apologies, this wasn't a dupe. This bug covers the necessary code changes to switch to https when vidly has a proper cert in place.
Status: RESOLVED → REOPENED
Depends on: 729973
Resolution: DUPLICATE → ---
If we can get this done for initial launch, fantastic. Otherwise, we can push it in a subsequent release.
Priority: -- → P2
Target Milestone: --- → 1.1
Unblocking for launch since Vidly won't be able to resolve before the end of March. We'll deal with mix-content issues for the time being.
Blocks: 700465
No longer blocks: 720430
Target Milestone: 1.1 → 1.2
Status: REOPENED → RESOLVED
Closed: 13 years ago13 years ago
Resolution: --- → FIXED
Verified FIXED; all requests appear to be over HTTPS: [18:11:46.902] GET https://firefoxflicks-dev.allizom.org/en-US/video/63 [HTTP/1.1 200 OK 328ms] [18:11:47.428] GET https://vid.ly/embeded.html?link=6q3h9k&autoplay=false [HTTP/1.1 200 OK 398ms] [18:11:47.609] GET https://firefoxflicks-dev.allizom.org/media/img/vote.png [HTTP/1.1 200 OK 29ms] [18:11:48.019] GET https://d132d9vcg4o0oh.cloudfront.net/vid.ly/1.0.0.15/css/video-js.css [HTTP/1.0 200 OK 70ms] [18:11:48.023] GET https://d132d9vcg4o0oh.cloudfront.net/vid.ly/1.0.0.15/js/swfobject.js [HTTP/1.0 200 OK 139ms] [18:11:48.027] GET https://d132d9vcg4o0oh.cloudfront.net/vid.ly/1.0.0.15/js/embeded_video.js [HTTP/1.0 200 OK 197ms] [18:11:48.032] GET https://d132d9vcg4o0oh.cloudfront.net/vid.ly/1.0.0.15/js/run.js [HTTP/1.0 200 OK 206ms] [18:11:48.296] GET https://d132d9vcg4o0oh.cloudfront.net/m.vid.ly/1.0.0.26/js/html5.js?link=6q3h9k&autoplay=false&width=600&height=337 [HTTP/1.0 200 OK 15ms] [18:11:48.488] GET http://cf.cdn.vid.ly/6q3h9k/poster.jpg [HTTP/1.0 200 OK 23ms] [18:11:48.494] GET https://vid.ly/embeded.html?link=6q3h9k&autoplay=false [HTTP/1.1 304 Not Modified 75ms] [18:11:51.768] GET https://vid.ly/6q3h9k?content=video&format=webm [HTTP/1.1 302 Found 2360ms] [18:11:54.131] GET https://d3fenhwk93s16g.cloudfront.net/6q3h9k/webm.webm [HTTP/1.0 206 Partial Content 244ms]
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.