I use video.js on my site, but http://video.mp4 not plays I'm getting an error, as I realized https://video.mp4 plays without problem.
Is there any way to correct this? If I will get not secure on this pages no problem, Generally I need to play video.
you can check here for example: https://kinogo.ge/watch/the-way-back-qartulad.html?key=gtgxawoc5gus
and in same video with https: https://kinogo.ge/watch/the-way-back-qartulad.html?key=c2nnf4im0z8u
No. The browser enforces that http resources cannot be retrieved from an https page. You can't disable that from javascript.
Related
I'm working on making a client's blog site AMP-friendly and I'm running into an issue with their audio posts. It's just a simple WP site where they are uploading the audio files for the podcasts and I'm running into an issue where it says
Source must start with "https://" or "//" or be relative and served from either https or from localhost.
I don't see anywhere in their documentation that this is a rule. I have not run into this issue with other media types. Is there a fix other than setting up an SSL for the site?
No, there is no work around. You must use https for Audio. See here too.
In a site that otherwise fully uses HTTPS, I'm playing a HTTP radio stream using the <audio> element. This causes the browser to show a warning sign in the address bar that unsecure elements are present in the page.
I tried putting the <audio> inside an <iframe>, but at least Chrome wasn't fooled that easily.
The radio stream is outside my control and not available via HTTPS. I could pipe it through an HTTPS proxy, but that would be costly.
Is there any other way to play the stream without any warnings, in modern browsers? (I'm assuming there isn't, because I'd consider it a bug in that browser.)
Your assumption is correct. If you did find a way to do what you are asking, you should definitely file a bug report with the browser vendor, as that would be a serious security vulnerability. Not to mention the fact that, should you succeed, informed users would no longer be able to trust the security of your site.
The Youtube video make my website insecure, and I need it to be secure, what do I do to make it secure even though I have a Youtube video embeded? Simply I need my users to link videos.
I haven't really tried much since i searched the web and tried to research the issue but couldn't find any..
Change the http:// in the URL to video into //.
I've inherited an ASP.NET web site that has an SSL certificate bought via GoDaddy.
The problem is that the certificate seems to be invalid because of some "mixed content/resources" (I think that's how its called) coming from http sites.
Chrome is showing the red cross over the lock next to https, meaning it's unsecured. The popups says the following:
Click in "What do these mean?" goes here which says:
The [crossed-lock] icon appears when
Google Chrome detects high-risk mixed
content, such as JavaScript, on the
page or when the site presents an
invalid certificate.
The certificate is correct and valid because I tried creating a blank "Hi world" .aspx page and it's showing the green lock with no problems.
Reading a little bit, I found that I should only include images and javascript coming from https sites. The only thing it had coming from http was the addthis widget, but they support https, so I changed to https, but it's still saying that is unsecured.
I've searched for anything else coming from http in the source, but didn't find anything.
Is there some way (site, chrome extension, firefox extension, whatever) that will show exactly which are the resources that are "unsecured"?
I've never dealt with SSL/HTTPS certificates, but I need to fix this issue asap.
Check your site in http://www.whynopadlock.com, which will give you a list of url which is not consider as secure by your browser.
Check the chrome console
You will get it like this,
The page at https://xys displayed insecure content from http://asdasda.png.
Make it http site to https then it will work.
I've found the problem using the Chrome Developer Tools. It was a js that's embedding a flash from an 3rd party site which it's using http.
Are you on Windows? Download and run Fiddler while browsing the site, and watch for HTTP connections.
Mixed content means contents of a web page are mixed with HTTP and HTTPS links.
These links include your JS, CSS, Image, Video, Audio, Iframes etc.
If your website is enabled for HTTPS (SSL certificate has installed), make sure you serve only HTTPS contents throughout your web page.
Okay, so I have created a webpage for a client who is using https protocol, but wants to stream video from a non-secured source (not YouTube, unfortunately). Best case scenario: I'd be looking for a way to stream the video without getting security warnings for mixed content (especially a problem in any IE). I realize this may be impossible, so my secondary question would be how to put some sort of placeholder into the page if the user decides not to view the non-secure content. This way my layout is not totally butchered. Obviously though, it would be best not to trip any security issues. The video we are trying to stream is accessed via the below code (given by client for embedding), if that helps anything. Any help is appreciated!
<script src="http://video.bigthink.com/player.js?height=183&autoplay=0&width=325&deepLinkEmbedCode=Y5M3U4MTq4-WJs8Wn0bLOXi0AeGcxHf4&embedCode=Y5M3U4MTq4-WJs8Wn0bLOXi0AeGcxHf4"></script>
Usually you just have to change the src from http to https, unfortunately these video sites are not thinking about secuirty and refuse to pay $30 for a certificate. I think your best bet it to make that specific page non-https or use an iframe.