mahara-contributors team mailing list archive

[François Marier <francois@xxxxxxxxxx>]

Public bug reported:

Our removal of httpswwwroot in bug #646713 means that any external
content must be available over https. Blocks that need fixing:

- external video
- google apps

Greg Hanley says:

"I just recently moved our site from always https to only login, because
when students embed video from outside of the site (which they are
encouraged to do to save file space and to take advantage of other
resources) Internet Explorer will block the content every time you
reload the page. It also looks like it is blocking the new Google Apps
block type, even if the provided url/embed-code has https in it. As
Iñaki Arenaza mentioned, we use LDAP for logins that can't be allowed to
pass in clear text so HTTPS is important. At least 25% of our users use
IE and it becomes very irritating having to constantly confirm "show all
content" when editing a page or browsing a collection.

Some of this might be mitigated if the googleapps and externalvideo
block types took into consideration the site's SSL status and embedded
the content with https sources when available (both YouTube and Google
Apps seem to support embedding over https)."

** Affects: mahara
     Importance: High
         Status: Triaged


** Tags: https

** Changed in: mahara
    Milestone: None => 1.4.1

** Changed in: mahara
   Importance: Undecided => High

** Changed in: mahara
       Status: New => Triaged

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
https://bugs.launchpad.net/bugs/809058

Title:
  Allow embedding of external videos and Google things over HTTPS

Status in Mahara ePortfolio:
  Triaged

Bug description:
  Our removal of httpswwwroot in bug #646713 means that any external
  content must be available over https. Blocks that need fixing:

  - external video
  - google apps

  Greg Hanley says:

  "I just recently moved our site from always https to only login,
  because when students embed video from outside of the site (which they
  are encouraged to do to save file space and to take advantage of other
  resources) Internet Explorer will block the content every time you
  reload the page. It also looks like it is blocking the new Google Apps
  block type, even if the provided url/embed-code has https in it. As
  Iñaki Arenaza mentioned, we use LDAP for logins that can't be allowed
  to pass in clear text so HTTPS is important. At least 25% of our users
  use IE and it becomes very irritating having to constantly confirm
  "show all content" when editing a page or browsing a collection.

  Some of this might be mitigated if the googleapps and externalvideo
  block types took into consideration the site's SSL status and embedded
  the content with https sources when available (both YouTube and Google
  Apps seem to support embedding over https)."

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/809058/+subscriptions