Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Javascript API does not work over https (SSL)


Hello,

I have created the most simple page I can using a standard flv file and version 4 of the FLV player. The page has one link on it which sends the play event to the player.

This works fine over http but as soon as I switch onto https (SSL) the Javascript API no longer works. I am referencing the flv file from the same domain as the html page so I don't see how cross-domain security mentioned in other posts could be affecting it.

Is this a known feature? Any help on this would be gratefully appreciated.

I have set up a demonstration of the problem here http://www.myvideorights.com/jwtest.html

simply change http to https to switch to SSL

I left the alert(player) in the playMe function so you can see it is still returning an object.

I have also tried using explicit non-relative links to the swf and js files e.g. https://www.myvideorights.com/player.swf

I have to use SSL by the way.

Thanks,
Laurie

16 Community Answers

JW Player

User  
0 rated :

Perhaps this article will be useful. *http://kb.adobe.com/selfservice/viewContent.do?externalId=tn_14213*

Scroll down to: *A secure server that allows access to movies hosted via a non-secure protocol*

I've never done this, but it appears that you may need a cross-domain policy file on your server root. I'm not absolutely certain (you would have to check your server logs), but the player may be making a request for the video using the http protocol.

JW Player

User  
0 rated :

Does anyone have an example of the Javascript API working over https?

JW Player

User  
0 rated :

Also, the player still loads the flv over https - it is just the play command via the Javascript API that does not work.

JW Player

User  
0 rated :



Can anyone show me an example of the Javascript API working over HTTPS?

I went through all the sites in the Javascript showcase but none of them support https.

I would love to know if it is possible.

Thanks.

JW Player

User  
0 rated :


@kLink - I uploaded a crossdomain.xml but it has not affected things. The player still will not respond to the play event over https.

JW Player

User  
0 rated :

Along with the Adobe Flash Player being sandboxed, all modern browsers also sandbox JavaScript.

This means that you can only execute JavaScript that comes from the exact same domain as the HTML page that contains the JavaScript. This prevents cross-site scripting.

In your cross-domain policy file, did you set the *secure* attribute to false?

Reference: *http://www.adobe.com/devnet/articles/crossdomain_policy_file_spec.html*

JW Player

User  
0 rated :


@kLink

Thanks for your help, but the reason the video is not playing is the way the player is coded. If you open the source code of ExternalView.as on line 57 you see the following....

if(ExternalInterface.available && view.skin.loaderInfo.url.indexOf('http://') == 0) {
listeners = new Array();
try {
ExternalInterface.addCallback("getConfig", getConfig);
ExternalInterface.addCallback("getPlaylist", getPlaylist);
ExternalInterface.addCallback("addControllerListener", addControllerListener);
ExternalInterface.addCallback("addModelListener", addModelListener);
ExternalInterface.addCallback("addViewListener", addViewListener);
ExternalInterface.addCallback("sendEvent", view.sendEvent);
} catch (err:Error) {}
setTimeout(playerReady,50);
}

so you can see the listeners are not attached over https which explains the symptoms exactly.

I have recompiled the source code into what I have called a "secure jw flv player".

this works now.

I suggest that as a future enhancement this line

if(ExternalInterface.available && view.skin.loaderInfo.url.indexOf('http://') == 0) {

could be changed to something like this

if(ExternalInterface.available && (view.skin.loaderInfo.url.indexOf('http://') == 0 || view.skin.loaderInfo.url.indexOf('https://') == 0) {

this will then allow the player to play over both http and https
Thanks

JW Player

User  
0 rated :

I want to know, if this problem will be fixed in 4.1 version of the JW FLV Player.
Is this problem already reported? I couldn't find any ticket at http://code.jeroenwijering.com/trac/report

JW Player

User  
0 rated :

@ Laurie B

Any chance you could upload your compiled https version somewere (like www.mediafire.com )?

I don't posses a copy of Adobe Flash, so I'm not able to editing and compile the player myself.
I'm sure Jeroen will fix this problem in v4.1, but for the time being i'd like to be able to keep developing on it!

Thanks in advance!

Erie

JW Player

User  
0 rated :

Hi All

I thought I was having SSL issues when in fact I was having issues with the server not having the FLV MIME type configured in IIS - when I fixed this the standard code worked for my implementation with SSL

I tried recompiling with Laurie's modified code
if(ExternalInterface.available && (view.skin.loaderInfo.url.indexOf('http://') == 0) || (view.skin.loaderInfo.url.indexOf('https://') == 0)) {
(you dropped a bracket)

And that works fine also - but I have not found the need with my particuar settings.

Erie I have uploaded it here none the less: http://www.mediafire.com/?sharekey=c71bdbae907b012b95af63b7d44918aa0a38016d6c5ab040
It may or may not help, but i'd be interested to know if it does

My real issue:
I am very interested to know if anyone has a fix for the WMV Media Player however as this doesn't work behind SSL

Cheers
Gunter


JW Player

User  
0 rated :


@Erie

let me know if you still need the secure player...

JW Player

User  
0 rated :

@Gunter:
I'm not using IIS but Apache. I'm not sure if your MIME type configuration solution could work for Apache... It might, but I'm not the server admin. Also i'd like my application to be portable to different servers, without having to change server configurations.
The recompiled SSL version you provided works excelent for me thought!

Thanks to Calvin and Laurie B for comming up with this fix and Gunter for posting a compiled version.

@Laurie B:
Thanks, but no thanks, all my troubles are over :-)

JW Player

User  
0 rated :

@Gunter or @Laurie

I think I may need the version with the SSL fix. The link to the mediafire upload isn't working now. Can either of you help please? Thanks.

JW Player

User  
0 rated :

@Gunter or @Laurie

I second what Roger P said, do you have the SSL fix version anywhere else?

Thanks alot for your help in this thread as it has saved a whole load of head scratching/banging.

Adam

JW Player

User  
0 rated :

im having these same issues.

basic run down:

crossdomain correct, secure is set to false, all from ports * etc etc.

flash player is hosted on https://....

user is browsing http://

readyPlayer is fired no problem, obj is passed.

but it appears that the player is in 'read only' mode, thus adding any of the listeners is not possible...

any idea what i can do to fix this? i have a copy of flash handy and am willing to makes some changes...

JW Player

User  
0 rated :

I got everything working great, and then of course some stupid limitation like no SSL! So now I am redirecting everywhere, trying to manage all of this nonsense.

Screw This...

This question has received the maximum number of answers.