HTTPS URL for media is saved as HTTP #17

fsesterh · 2018-01-30T14:28:38Z

When inserting HTTPS media, for instance a HTTPS url from YouTube, the URL is saved as HTTP. This then leads to a "mixed content" error with modern browsers, because loading HTTP content within a HTTPS context is blocked.

You can easily check this by creating and saving a HTTPS encrypted media object. When editing a youtube video you will see that the iframe is pointing to a HTTP url, like this:

...iframe width="360" height="240" src="http://www.youtube.com/embed/YE7VzlLtp-4" frameborder=0></iframe...

Instead of

...iframe width="360" height="240" src="httpS://www.youtube.com/embed/YE7VzlLtp-4" frameborder=0></iframe...

Moodle: 3.3.4 (Build: 20180118)
Exabis Portfolio: 4.6.2 (Build: 2017121101)

Steps to reproduce

activate the exabis portfolio block in a course
create a new personal/custom view
insert a HTTPS URL, for instance: https://www.youtube.com/watch?v=YE7VzlLtp-4
save the media object
edit the media object
confirm that the URL for the iframe has been rewritten to unencrypted HTTP

fsesterh · 2018-01-30T14:31:39Z

Updated OP with version and build numbers for Moodle and Exabis Portfolio.

ariepl closed this as completed Jun 24, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

HTTPS URL for media is saved as HTTP #17

HTTPS URL for media is saved as HTTP #17

fsesterh commented Jan 30, 2018 •

edited

Loading

fsesterh commented Jan 30, 2018

HTTPS URL for media is saved as HTTP #17

HTTPS URL for media is saved as HTTP #17

Comments

fsesterh commented Jan 30, 2018 • edited Loading

fsesterh commented Jan 30, 2018

fsesterh commented Jan 30, 2018 •

edited

Loading