Vimeo embedder does not use HTTPS

instructure / lti_public_resources

Public Resources LTI app (gemified)

MIT License

1 stars 2 forks source link

Vimeo embedder does not use HTTPS #3

Closed bagofarms closed 10 years ago

bagofarms commented 10 years ago

Embedding a video using the Vimeo LTI hosted on eduappcenter.com uses the HTTP URL for the video. Nearly all modern browsers automatically block embedded content from non-HTTPS sources in Canvas (which is an HTTPS site). The user is required to override this block, which presents a huge support issue.

I recommend that the embed code use the "//player.vimeo.com" url rather than specifying a protocol.

coderberry commented 10 years ago

@bagofarms This project has been merged into our base engine project (which is currently still on an internal git repo only). The changes you mentioned have been made on that repo, although instead of offiering //player.vimeo.com we force ssl. This is because it will not work in the LMS unless it's ssl (as you said).

I will try to see if we can get the base engine project on github. Feedback there would be excellent.

bagofarms commented 10 years ago

Thanks for the quick reply. I guess the updated code hasn't been pushed to eduappcenter.com. I look forward to seeing the base engine project!