Hardcoded reference to SWF does not follow httpS

[tomsaffell]

When self-hosting video.js as an httpS resource (one one's own server) the script still tries to load the fallback swf from an http cdn:

line 79: flash: { swf: "http://vjs.zencdn.net/c/video-js.swf" },

This causes IE8 to issue a warning to the user "Do you want to view only the webpage content that was delivered securely?" - requires the user to click 'No' to proceed.

Suggested fix - detect when page is https, and in that case use a relative url e.g. /st/video-js.swf

[heff]

Yeah, in the latest demo file i have it instructing to update the flash location if hosted locally.

<script> _V_.options.flash.swf = "video-js.swf"; </script>

Though, we have an SSL on the CDN now, so could probably also just use '//vjs.zencdn.net/c/video-js.swf' instead.

On May 18, 2012, at 3:55 PM, tomsaffell wrote:

When self-hosting video.js as an httpS resource (one one's own server) the script still tries to load the fallback swf from an http cdn:

line 79: flash: { swf: "http://vjs.zencdn.net/c/video-js.swf" },

This causes IE8 to issue a warning to the user "Do you want to view only the webpage content that was delivered securely?" - requires the user to click 'No' to proceed.

Suggested fix - detect when page is https, and in that case use a relative url e.g. /st/video-js.swf

---

Reply to this email directly or view it on GitHub:
#188

[heff]

This should be fixed in the latest version.