Youtube video doesn't play on https hosted site

This topic has 6 replies, 2 voices, and was last updated 4 years, 7 months ago by CreaboxThemes.

Viewing 7 posts - 1 through 7 (of 7 total)

Author

Posts
April 23, 2019 at 11:16 pm #6265

Percy
Participant

The site and template work fine when hosted without an SSL certificate (http://), but when hosted using an SSL certificate (https://), the youtube video doesn’t load or play.

Site name: http://astinbrands.com (working) and https://astinbrands.com (not-working)

Server root is exactly the same content.

Certificate verifies fine and all other functionality is working as expected.

Server: Apache2
OS: Centos 7

April 24, 2019 at 11:12 am #6266
CreaboxThemes
Keymaster
Hi,

sorry for the inconveniences.
I have checked your website and there are some other javascript erros because the ssl certificate.
For example the Google Fonts.

To resolve this point change the lines 47 and 48 from this code:
```
... href='http://fonts.googleapis...
... href='http://fonts.googleapis...
```
To this one:
```
... href='//fonts.googleapis...
... href='//fonts.googleapis...
```
Regards
April 24, 2019 at 4:33 pm #6267

Percy
Participant

I made the changes, but the video is still not loading.

http://astinbrands.com (working)
https://astinbrands.com (not-working)

April 24, 2019 at 8:16 pm #6268

Percy
Participant

Nevermind. I figured it out. There was an error in your code.

April 24, 2019 at 9:15 pm #6269

CreaboxThemes
Keymaster

What was the error exactly?

Regards

April 24, 2019 at 11:08 pm #6270

Percy
Participant

It’s a cross origin error. If the template is hosted behind an SSL cert, everything must be (origin content) be verifiable and also behind SSL. The scripts use http in some places and that causes the browser to mark the script as unsafe.

The way to fix this is to replace all http:// references in the scripts to https:// references. Interestingly enough, it doesn’t matter if a non-secure website hosts https content provided the certificate is verifiable, but not the other way around.

The easy fix is to run the following on directories (which is what I did). (*nix magic)

find ./ -type f -exec sed -i -e ‘s/http:/https:/g’ {} \;

That solved the problem once I realized what the problem was. Considering all browsers today will mark a site as unsafe unless it’s behind a valid, verifiable cert, this should probably be done to all of your themes. I’m not a designer, but I am a heavy duty back-end guy so for what it’s worth, it was tracking down the problem for me more than it was the actual fix. I just had to spend the time looking for the problem so that I can fix it. (and by nature, I really dislike reading / debugging other ppl’s code).

Great design btw. If I might make a suggestion, your documentation could use a bit of refactoring, because most ppl would be lost modifying the template based on the existing docs.

Cheers.

April 25, 2019 at 7:09 am #6272

CreaboxThemes
Keymaster

Hi,

thank you very much for the solution and the recommendation about the documentation. I made it when I published the theme and of course, it’s a bit out-of-date.

Regards
Author

Posts

Viewing 7 posts - 1 through 7 (of 7 total)

You must be logged in to reply to this topic.