jquery-oembed-all icon indicating copy to clipboard operation
jquery-oembed-all copied to clipboard

Published 20 hours ago verified publisher icon starfishmod

oEmbed https issues

Open nicolaasmatthijs opened this issue 11 years ago • 3 comments

When using oEmbed on an https page, security conscious browsers such as Chrome won't load some of the http jsonp and swf content.

[blocked] The page at https://mydomain.org/mypage ran insecure content from http://flickr.com/services/oembed?format=json&url=http%3A//www.flickr.com/p…et-72157633424719011&jsoncallback=jQuery20006060085988137871_1372157077449.

In this PR, I've made the following providers protocol agnostic and tested this on both http and https:

  • blip.tv
  • dailymotion
  • deviantart
  • flickr
  • ifixit.com
  • img.ly
  • instagram
  • pastebin.com
  • pinterest
  • scribd
  • slideshare
  • soundcloud
  • speakerdeck
  • ted.com
  • twitgoo
  • twitpic
  • vimeo
  • youtube

The same approach would probably work for the other providers as well, but I haven't fixes and/or tested any of those yet.

nicolaasmatthijs avatar Jun 25 '13 10:06 nicolaasmatthijs

Interesting, I was looking into writing a proxy service to solve this issue, but I think I'll give your solution a try first.

dieseltravis avatar Jun 26 '13 17:06 dieseltravis

@starfishmod : Is there any chance that this can be merged? Cross-protocol embedding is becoming an increasingly big problem in the latest browser versions.

nicolaasmatthijs avatar Jul 30 '14 00:07 nicolaasmatthijs

The NFL would like to continue support for this plugin. Please re-submit your pull request with https://github.com/nfl/jquery-oembed-all. Thank you.

LGCambra avatar Sep 08 '14 18:09 LGCambra