Support › Forums › Gris – HTML Template › Youtube video doesn't play on https hosted site
- This topic has 6 replies, 2 voices, and was last updated 4 years, 1 month ago by
CreaboxThemes.
-
AuthorPosts
-
April 23, 2019 at 11:16 pm #6265
Percy
ParticipantThe site and template work fine when hosted without an SSL certificate (http://), but when hosted using an SSL certificate (https://), the youtube video doesn’t load or play.
Site name: http://astinbrands.com (working) and https://astinbrands.com (not-working)
Server root is exactly the same content.
Certificate verifies fine and all other functionality is working as expected.
Server: Apache2
OS: Centos 7April 24, 2019 at 11:12 am #6266CreaboxThemes
KeymasterHi,
sorry for the inconveniences.
I have checked your website and there are some other javascript erros because the ssl certificate.
For example the Google Fonts.To resolve this point change the lines 47 and 48 from this code:
... href='http://fonts.googleapis... ... href='http://fonts.googleapis...
To this one:
... href='//fonts.googleapis... ... href='//fonts.googleapis...
Regards
April 24, 2019 at 4:33 pm #6267Percy
ParticipantI made the changes, but the video is still not loading.
http://astinbrands.com (working)
https://astinbrands.com (not-working)April 24, 2019 at 8:16 pm #6268Percy
ParticipantNevermind. I figured it out. There was an error in your code.
April 24, 2019 at 9:15 pm #6269CreaboxThemes
KeymasterWhat was the error exactly?
Regards
April 24, 2019 at 11:08 pm #6270Percy
ParticipantIt’s a cross origin error. If the template is hosted behind an SSL cert, everything must be (origin content) be verifiable and also behind SSL. The scripts use http in some places and that causes the browser to mark the script as unsafe.
The way to fix this is to replace all http:// references in the scripts to https:// references. Interestingly enough, it doesn’t matter if a non-secure website hosts https content provided the certificate is verifiable, but not the other way around.
The easy fix is to run the following on directories (which is what I did). (*nix magic)
find ./ -type f -exec sed -i -e ‘s/http:/https:/g’ {} \;
That solved the problem once I realized what the problem was. Considering all browsers today will mark a site as unsafe unless it’s behind a valid, verifiable cert, this should probably be done to all of your themes. I’m not a designer, but I am a heavy duty back-end guy so for what it’s worth, it was tracking down the problem for me more than it was the actual fix. I just had to spend the time looking for the problem so that I can fix it. (and by nature, I really dislike reading / debugging other ppl’s code).
Great design btw. If I might make a suggestion, your documentation could use a bit of refactoring, because most ppl would be lost modifying the template based on the existing docs.
Cheers.
April 25, 2019 at 7:09 am #6272CreaboxThemes
KeymasterHi,
thank you very much for the solution and the recommendation about the documentation. I made it when I published the theme and of course, it’s a bit out-of-date.
Regards
-
AuthorPosts
- You must be logged in to reply to this topic.