Using https with embedded videos would solve the problem, except that the anonym.to redirection (which still uses http) would prevent the video being shown. Should we disable anonym.to for embedded videos? The purpose of anonym.to is to hide at which site the video is embedded (it does *not* hide the user IP like an anonymous proxy or something). I don't know how much youtube account owners can see, but looks like visitors can no longer see referrers at youtube anyway.Phuzzy4242 wrote:People should also be aware Firefox itself has added protections for sites that use https: but also have content sent by http: (for instance, embedding YouTube videos here). If you see the little shield in the address bar, [Image] you have to click it and select "Disable Protection On This Page. This was just added to Firefox recently and I haven't found a way to disable it. I don't really want to disable it, but being able to whitelist sites would be useful because it shows on every page with mixed http/https..
Embedded Youtube
Embedded Youtube
- Phuzzy4242
- Site Admin
- Posts: 7686
- Likes: 26753
- Joined: Sun Aug 23, 2009 1:00 am
Re: Embedded Youtube
You mean, using https://www.youtube.com/... isn't supposed to work with anonym.to? That's not the case because quite a few recent youtube embeds have used https and still worked once the protections were disabled.
How much protection is anonym.to actually providing? In reality, there's no real anonymity, only blurring the tracks a little.
How much protection is anonym.to actually providing? In reality, there's no real anonymity, only blurring the tracks a little.
Re: Embedded Youtube
Without anonym.to, you wouldn't have to disable the protections, because everything would be https.Phuzzy4242 wrote:You mean, using https://www.youtube.com/... isn't supposed to work with anonym.to? That's not the case because quite a few recent youtube embeds have used https and still worked once the protections were disabled.
The name is misleading. It is not supposed to provide anonymity (a la anonymous proxies). It simply hides referrer, so if a site (like youtube) would see that the link was posted/embedded at FLM, using anonym.to they see "anonym.to" instead of FLM. I think it doesn't make much difference, because FLM is an open forum and findable via Google, etc., anyway.Phuzzy4242 wrote:How much protection is anonym.to actually providing? In reality, there's no real anonymity, only blurring the tracks a little.
Re: Embedded Youtube
Just a side note on the embeds. I found that I also am having to add info that I did not before on the embeds. As an ex. Infiniters did not work. This is why...
The embed code from youtube:
<iframe width="640" height="360" src="//www.youtube.com/embed/OFJq9GYnweE?featu ... detailpage" frameborder="0" allowfullscreen></iframe>
which would be
MISSING the https: to make the embed work
I NEVER had to add that before but have had to with all my new links in order for it to work. This is a youtube thing that obviously has changed.
The embed code from youtube:
<iframe width="640" height="360" src="//www.youtube.com/embed/OFJq9GYnweE?featu ... detailpage" frameborder="0" allowfullscreen></iframe>
which would be
MISSING the https: to make the embed work
I NEVER had to add that before but have had to with all my new links in order for it to work. This is a youtube thing that obviously has changed.
Re: Embedded Youtube
If youtube is giving an embed code like that, then it's a bug. There has to be either http or https.donkeykog wrote:The embed code from youtube:
<iframe width="640" height="360" src="//www.youtube.com/embed/OFJq9GYnweE?featu ... detailpage" frameborder="0" allowfullscreen></iframe>
which would be
MISSING the https: to make the embed work
I changed the [youtube] bbcode such that anonym.to is no longer added. So please use https with embeds and they should work without any problems.
- Phuzzy4242
- Site Admin
- Posts: 7686
- Likes: 26753
- Joined: Sun Aug 23, 2009 1:00 am
Re: Embedded Youtube
It's been doing that for several weeks (no http: or https:). Using http: OR https: will work. This fooled me a couple times and I mentioned someone's embed didn't work so I reposted it using http but it turned out to be Firefox's "protection" instead because MY embed didn't work the next time I refreshed my cache.donkeykog wrote:Just a side note on the embeds. I found that I also am having to add info that I did not before on the embeds. As an ex. Infiniters did not work. This is why...
The embed code from youtube:
<iframe width="640" height="360" src="//www.youtube.com/embed/OFJq9GYnweE?featu ... detailpage" frameborder="0" allowfullscreen></iframe>
which would be
MISSING the https: to make the embed work
I NEVER had to add that before but have had to with all my new links in order for it to work. This is a youtube thing that obviously has changed.
You can turn this protection off in Firefox by opening a blank tab and typing about:config in the address bar. Firefox will warn you that you may be violating the warranty (yuk yuk what warranty?) and you have to acknowledge it. Type (or paste) security.mixed_content.block_active_content into the search bar, then double-click the line when it appears, changing true to false. The blocking will be turned off. Repeat the procedure to re-enable it. Credit to mimzy for finding this fix.