HTTPS URL for media is saved as HTTP

[fsesterh]

When inserting HTTPS media, for instance a HTTPS url from YouTube, the URL is saved as HTTP. This then leads to a "mixed content" error with modern browsers, because loading HTTP content within a HTTPS context is blocked.

You can easily check this by creating and saving a HTTPS encrypted media object. When editing a youtube video you will see that the iframe is pointing to a HTTP url, like this:

...iframe width="360" height="240" src="http://www.youtube.com/embed/YE7VzlLtp-4" frameborder=0></iframe...

Instead of

...iframe width="360" height="240" src="httpS://www.youtube.com/embed/YE7VzlLtp-4" frameborder=0></iframe...

Moodle: 3.3.4 (Build: 20180118) Exabis Portfolio: 4.6.2 (Build: 2017121101)

Steps to reproduce

• activate the exabis portfolio block in a course
• create a new personal/custom view
• insert a HTTPS URL, for instance: https://www.youtube.com/watch?v=YE7VzlLtp-4
• save the media object
• edit the media object
• confirm that the URL for the iframe has been rewritten to unencrypted HTTP

[fsesterh]

Updated OP with version and build numbers for Moodle and Exabis Portfolio.