Streaming Video in https | ansaurus

tags:

https

views:

333

answers:

1

+1 Q:

Streaming Video in https

Hello

I have an https page, and I've been asked to embed streaming video. Now I understand the normal policy (the files must also be hosted on https) but are there any other gotchas I should be aware of?

What if I stuck an IFRAME on the page, and streamed the content into that frame from a normal http source? Would I still get the "secure and insecure content on this page" warning?

Thanks Duncan

+2 A:

Streaming over https seems a really bad idea unless you really NEED your video stream to be secure .

I don't know how every browser deals with a mix of http and https requests, but I believe if a page served over http also makes https requests, there usually won't be an "insecure content" warning.

However if an https page makes http requests, this usually will trigger an "insecure content" warning.

Edit: A thought: if you are using a flash video player, where the flash file is served over https but the .flv file is served over http - I doubt the browser will be 'clever' enough to detect that, and hence you shouldn't get any warnings - that is my guess - YMMV.

DanSingerman 2009-06-30 11:15:07

What about embedding in the IFRAME? Any experience with this?

Duncan 2009-06-30 11:54:08

I suspect, as you do, that an http iframe embedded in an https page will cause warnings in most browsers

DanSingerman 2009-06-30 12:49:05

related questions

How would you implement a secure static login credentials system in Java?

Blocking https url's in a embedded gecko browser

Restrict Apache to only allow access using SSL for some directories

How to put up an off-the-shelf https to http gateway?

Rails SSL Requirement plugin -- shouldn't it check to see if you're in production mode before redirecting to https?

What's the best way to learn server RESTful code?

Force HTTPS. How is it possible?

How can I get LWP to validate SSL server certificates?

What must I do to make content such as images served over HTTPS be cached client-side?

What does a PHP developer need to know about https / secure socket layer connections?

What's a clean/simple way to ensure the security of a page?

Making sure a web page is not cached, across all browsers.

Best way in asp.net to force https for an entire site?

Any way to handle Put and Delete verbs in ASP.Net MVC?

Response.Redirect with POST instead of Get?

How to get the correct Content-Length for a POST request.

IIS7: HTTP->HTTPS Cleanly

[ASP.NET ERROR] The request was aborted: Could not create SSL/TLS secure channel.

Testing HTTPS files with MAMP

How do banks remember "your computer"?

Avoid traffic shaping by using ssh on port 443

Convince Firefox to send an If-Modified-Since header over HTTPS

How do you redirect HTTPS to HTTP?

Using mod_rewrite to Mimic SSL Virtual Hosts?

Options for Google Maps over SSL