Safari gets 404 on mp4 from IIS - iis

I'm using IIS to serve mp4 videos. I get a 404 on mac/safari. It works in chrome and firefox on the same macs. The MIME is video/mp4 .
I've ran tests locally to rule out the video encoding, and the videojs. I've taken the request path directly as well, skipping the html and js, with the same results. Safari will not load the direct url to the video either.
I'm not sure where to look next?

It turns out Safari does range requests for media. IIS itself can handle this, but we are using mvc routing - and we didn't provide any handling for this. The solution is to build an action result that handles range request. We're pulling a solution based on this article

Related

How to block uploads in specific browser without proxy

I have found titanium web proxy to block uploads in browser.
But the requirement is have to block all uploads in specific browser (Chrome, Edge, ..) without proxy?
Can any one help me on this topic how to get the code by searching the keyword?

Google AMP requires HTTPS for audio?

I'm working on making a client's blog site AMP-friendly and I'm running into an issue with their audio posts. It's just a simple WP site where they are uploading the audio files for the podcasts and I'm running into an issue where it says
Source must start with "https://" or "//" or be relative and served from either https or from localhost.
I don't see anywhere in their documentation that this is a rule. I have not run into this issue with other media types. Is there a fix other than setting up an SSL for the site?
No, there is no work around. You must use https for Audio. See here too.

Orchard can't load media

I'm using Orchard 1.7.2. I created widget with MediaPickerField for video file. On the front-end i trying to get this video by url (../Media/Default/Video/video.mp4) and play it using html5 video player. But i get 404 error when trying to load it. I tried fix it like here but after that i get 500 error. I got this errors only on video files and only on server. On local machine everything working fine.
Well, i fix it by adding MIME Type on IIS. There were no mime type for mp4. So i added .mp4 extension and video\mp4 mime type.

How to identify mixed content in https website

I've inherited an ASP.NET web site that has an SSL certificate bought via GoDaddy.
The problem is that the certificate seems to be invalid because of some "mixed content/resources" (I think that's how its called) coming from http sites.
Chrome is showing the red cross over the lock next to https, meaning it's unsecured. The popups says the following:
Click in "What do these mean?" goes here which says:
The [crossed-lock] icon appears when
Google Chrome detects high-risk mixed
content, such as JavaScript, on the
page or when the site presents an
invalid certificate.
The certificate is correct and valid because I tried creating a blank "Hi world" .aspx page and it's showing the green lock with no problems.
Reading a little bit, I found that I should only include images and javascript coming from https sites. The only thing it had coming from http was the addthis widget, but they support https, so I changed to https, but it's still saying that is unsecured.
I've searched for anything else coming from http in the source, but didn't find anything.
Is there some way (site, chrome extension, firefox extension, whatever) that will show exactly which are the resources that are "unsecured"?
I've never dealt with SSL/HTTPS certificates, but I need to fix this issue asap.
Check your site in http://www.whynopadlock.com, which will give you a list of url which is not consider as secure by your browser.
Check the chrome console
You will get it like this,
The page at https://xys displayed insecure content from http://asdasda.png.
Make it http site to https then it will work.
I've found the problem using the Chrome Developer Tools. It was a js that's embedding a flash from an 3rd party site which it's using http.
Are you on Windows? Download and run Fiddler while browsing the site, and watch for HTTP connections.
Mixed content means contents of a web page are mixed with HTTP and HTTPS links.
These links include your JS, CSS, Image, Video, Audio, Iframes etc.
If your website is enabled for HTTPS (SSL certificate has installed), make sure you serve only HTTPS contents throughout your web page.

How to detect which content is not secured on mixed content SSL page.?

I've added a SSL certificate to an existing site, and now in IE I get a mixed content warning. Problem is, I don't know what's the non-secure content IE is warning me about. It's a simple html page, with a few Flash, a few images, a loaded CSS and JS.
How can I find out what's the non-secured content..?
Edit:
I found the culprit: it's the JS AC_RunActiveContent.js used to display Flash movie. So anyone has an idea on how to prevent SSL mixed content when using AC_RunActiveContent.js.?
This means that something is requesting content using the http protocol specifically, or you have an absolute path to an image or other content that begins with http instead of https.
A few tips: Use relative paths everywhere you can. If you must use an absolute path, and it's to a server you own, use https. If you're loading stuff from off your site, you're probably stuck with the mixed-content warning.
This also goes for your scripts, check out the JS, and the CSS template and make sure they're not the guilty parties - if they are change them to use relative paths, or to request items via https instead of http (assuming you're positive that the server they're referencing supports https, if it doesn't you're stuck).
There are a few other details, this might be helpful.
Ok, so here is the solution for my particular problem. It was the codebase value in my code that needed to be https as well (I didn't think it would trigger the warning, as my Flash were displaying correctly, oh well)...
AC_FL_RunContent( 'codebase','https://download.macromedia.com/pub/shoc...
Link to Adobe info on this: Security Information error in Internet Explorer
I use the Firefox console -- it reports the http resources it blocks from fetching on a mixed content page.
Search your source for http: only. Another great tool to help you out is Fiddler with which you can see what's getting downloaded upon requesting your page.

Resources