[Owasp-board] Mixed Content on OWASP.org

Michael Coates michael.coates at owasp.org
Thu Aug 22 10:31:35 UTC 2013


I saw this earlier this week and it was also pointed out on twitter (
https://twitter.com/parker0phil/status/370466318887026688). We have mixed
content on owasp.org due to embedding the youtube video view http. Mixed
content is going to be blocked soon in firefox.

It looks like the root of the problem is the mediawiki extension for
embedding video which doesn't appear to support SSL links.


Here is the offending page.
https://www.owasp.org/index.php?title=Template:Community-Sandbox

I believe the solution is to enable and use the iframe widget.

<br>
'''Hundreds of Hours of [
https://www.owasp.org/index.php/Category:OWASP_Video AppSec Videos]'''
{{#ev:youtube|CDbWvEwBBxo}}


Replace above (current page) with below:

{{#widget:Iframe
|url=https://www.youtube.com/watch?v=CDbWvEwBBxo&feature=player_embedded
|width=410
|height=342
|border=1
}}



--
Michael Coates | OWASP | @_mwc
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20130822/36d57b39/attachment.html>


More information about the Owasp-board mailing list