[vlc-commits] lua/http: use HTTPS to link to third-party web assets from frontend
Pierre Ynard
git at videolan.org
Fri Aug 7 19:21:23 CEST 2020
vlc | branch: master | Pierre Ynard <linkfanel at yahoo.fr> | Fri Aug 7 19:19:54 2020 +0200| [49cddd79e05a7280914b4124c9dba3cabb7a8d80] | committer: Pierre Ynard
lua/http: use HTTPS to link to third-party web assets from frontend
This is recommended good practice, as it improves security. This is also
necessary to serve VLC's web interface frontend over HTTPS.
Fixes #21216
Based on a patch from Noam Lerner <noam.lerner at gmail.com>, thanks!
> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=49cddd79e05a7280914b4124c9dba3cabb7a8d80
---
share/lua/http/dialogs/stream_config_window.html | 2 +-
share/lua/http/index.html | 8 ++++----
share/lua/http/js/ui.js | 4 ++--
share/lua/http/mobile.html | 6 +++---
share/lua/http/mobile_browse.html | 4 ++--
share/lua/http/mobile_equalizer.html | 4 ++--
share/lua/http/mobile_view.html | 8 ++++----
share/lua/http/view.html | 8 ++++----
8 files changed, 22 insertions(+), 22 deletions(-)
diff --git a/share/lua/http/dialogs/stream_config_window.html b/share/lua/http/dialogs/stream_config_window.html
index d219c6d403..12737aa190 100644
--- a/share/lua/http/dialogs/stream_config_window.html
+++ b/share/lua/http/dialogs/stream_config_window.html
@@ -8,7 +8,7 @@
"<?vlc gettext("Okay") ?>":function(){
$('#player').empty();
$('#player').attr('href',$('#stream_protocol').val()+'://'+$('#stream_host').val()+':'+$('#stream_port').val()+'/'+$('#stream_file').val());
- flowplayer("player", "http://releases.flowplayer.org/swf/flowplayer-3.2.7.swf");
+ flowplayer("player", "https://releases.flowplayer.org/swf/flowplayer-3.2.7.swf");
$(this).dialog('close');
},
"<?vlc gettext("Cancel") ?>":function(){
diff --git a/share/lua/http/index.html b/share/lua/http/index.html
index 4a8a4ff51c..c96d411d95 100644
--- a/share/lua/http/index.html
+++ b/share/lua/http/index.html
@@ -36,8 +36,8 @@
</script>
<link type="text/css" href="css/ui-lightness/jquery-ui-1.8.13.custom.css" rel="stylesheet" />
<link type="text/css" href="css/main.css" rel="stylesheet" />
- <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js"></script>
- <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js"></script>
+ <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js"></script>
+ <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js"></script>
<script type="text/javascript" src="js/jquery.jstree.js"></script>
<script type="text/javascript" src="js/ui.js"></script>
<script type="text/javascript" src="js/controllers.js"></script>
@@ -189,9 +189,9 @@
$('#viewContainer').animate({height: 'toggle'});
});
/* delay script loading so we won't block if we have no net access */
- $.getScript('http://releases.flowplayer.org/js/flowplayer-3.2.6.min.js', function(data, textStatus){
+ $.getScript('https://releases.flowplayer.org/js/flowplayer-3.2.6.min.js', function(data, textStatus){
$('#player').empty();
- flowplayer("player", "http://releases.flowplayer.org/swf/flowplayer-3.2.7.swf");
+ flowplayer("player", "https://releases.flowplayer.org/swf/flowplayer-3.2.7.swf");
/* .getScript only handles success() */
});
//]]>
diff --git a/share/lua/http/js/ui.js b/share/lua/http/js/ui.js
index 3950bf056c..83e5c23294 100644
--- a/share/lua/http/js/ui.js
+++ b/share/lua/http/js/ui.js
@@ -69,7 +69,7 @@ $(function () {
break;
case 'stream':
sendVLMCmd('control Current play');
- flowplayer("player", "http://releases.flowplayer.org/swf/flowplayer-3.2.7.swf");
+ flowplayer("player", "https://releases.flowplayer.org/swf/flowplayer-3.2.7.swf");
break;
}
} else {
@@ -102,7 +102,7 @@ $(function () {
}
var urlimg = location.href + 'mobile.html';
var codeimg = $('<img width="350" height="350" alt="qrcode"/>');
- codeimg.attr('src', 'http://chart.apis.google.com/chart?cht=qr&chs=350x350&chld=L&choe=UTF-8&chl=' + encodeURIComponent(urlimg));
+ codeimg.attr('src', 'https://chart.apis.google.com/chart?cht=qr&chs=350x350&chld=L&choe=UTF-8&chl=' + encodeURIComponent(urlimg));
codeimg.dialog({width: 350, height: 350, title: 'QR-Code'});
return false;
});
diff --git a/share/lua/http/mobile.html b/share/lua/http/mobile.html
index efac88c3ab..31b932f3dc 100644
--- a/share/lua/http/mobile.html
+++ b/share/lua/http/mobile.html
@@ -31,10 +31,10 @@
<script type="text/javascript" src="js/common.js"></script>
<link type="text/css" href="css/ui-lightness/jquery-ui-1.8.13.custom.css" rel="stylesheet" />
<link type="text/css" href="css/mobile.css" rel="stylesheet" />
- <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js"></script>
- <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js"></script>
+ <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js"></script>
+ <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js"></script>
<script type="text/javascript" src="js/jquery.jstree.js"></script>
- <script type="text/javascript" src="http://releases.flowplayer.org/js/flowplayer-3.2.6.min.js"></script>
+ <script type="text/javascript" src="https://releases.flowplayer.org/js/flowplayer-3.2.6.min.js"></script>
<script type="text/javascript" src="js/ui.js"></script>
<script type="text/javascript" src="js/controllers.js"></script>
<script type="text/javascript">
diff --git a/share/lua/http/mobile_browse.html b/share/lua/http/mobile_browse.html
index 51f65406c5..82e9997840 100644
--- a/share/lua/http/mobile_browse.html
+++ b/share/lua/http/mobile_browse.html
@@ -29,8 +29,8 @@
<script type="text/javascript" src="js/common.js"></script>
<link type="text/css" href="css/ui-lightness/jquery-ui-1.8.13.custom.css" rel="stylesheet" />
<link type="text/css" href="css/main.css" rel="stylesheet" />
- <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js"></script>
- <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js"></script>
+ <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js"></script>
+ <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js"></script>
<script type="text/javascript" src="js/jquery.jstree.js"></script>
<script type="text/javascript" src="js/controllers.js"></script>
<script type="text/javascript">
diff --git a/share/lua/http/mobile_equalizer.html b/share/lua/http/mobile_equalizer.html
index 7341109bce..4406741b65 100644
--- a/share/lua/http/mobile_equalizer.html
+++ b/share/lua/http/mobile_equalizer.html
@@ -29,8 +29,8 @@
<script type="text/javascript" src="js/common.js"></script>
<link type="text/css" href="css/ui-lightness/jquery-ui-1.8.13.custom.css" rel="stylesheet" />
<link type="text/css" href="css/main.css" rel="stylesheet" />
- <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js"></script>
- <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js"></script>
+ <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js"></script>
+ <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js"></script>
<script type="text/javascript" src="js/jquery.jstree.js"></script>
<script type="text/javascript" src="js/controllers.js"></script>
<script type="text/javascript">
diff --git a/share/lua/http/mobile_view.html b/share/lua/http/mobile_view.html
index f7660e31ae..69c288682d 100644
--- a/share/lua/http/mobile_view.html
+++ b/share/lua/http/mobile_view.html
@@ -29,18 +29,18 @@
<script type="text/javascript" src="js/common.js"></script>
<link type="text/css" href="css/ui-lightness/jquery-ui-1.8.13.custom.css" rel="stylesheet" />
<link type="text/css" href="css/main.css" rel="stylesheet" />
- <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js"></script>
- <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js"></script>
+ <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js"></script>
+ <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js"></script>
<script type="text/javascript" src="js/jquery.jstree.js"></script>
<script type="text/javascript" src="js/controllers.js"></script>
<script type="text/javascript" src="js/ui.js"></script>
<script type="text/javascript">
var pollStatus = false;
/* delay script loading so we won't block if we have no net access */
- $.getScript('http://releases.flowplayer.org/js/flowplayer-3.2.6.min.js', function(data, textStatus){
+ $.getScript('https://releases.flowplayer.org/js/flowplayer-3.2.6.min.js', function(data, textStatus){
$('#player').empty();
$('#player').attr('href',$('#stream_protocol').val()+'://'+$('#stream_host').val()+':'+$('#stream_port').val()+'/'+$('#stream_file').val());
- flowplayer("player", "http://releases.flowplayer.org/swf/flowplayer-3.2.7.swf");
+ flowplayer("player", "https://releases.flowplayer.org/swf/flowplayer-3.2.7.swf");
/* .getScript only handles success() */
});
</script>
diff --git a/share/lua/http/view.html b/share/lua/http/view.html
index 07ddd0d6cf..a155ff7e53 100644
--- a/share/lua/http/view.html
+++ b/share/lua/http/view.html
@@ -29,9 +29,9 @@
<link type="text/css" href="css/ui-lightness/jquery-ui-1.8.13.custom.css" rel="stylesheet" />
<link type="text/css" href="css/main.css" rel="stylesheet" />
<script type="text/javascript" src="js/common.js"></script>
- <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js"></script>
- <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js"></script>
- <script type="text/javascript" src="http://releases.flowplayer.org/js/flowplayer-3.2.6.min.js"></script>
+ <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.6.1/jquery.min.js"></script>
+ <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.13/jquery-ui.min.js"></script>
+ <script type="text/javascript" src="https://releases.flowplayer.org/js/flowplayer-3.2.6.min.js"></script>
<script type="text/javascript">
//<![CDATA[
$(function(){
@@ -50,7 +50,7 @@
});
$('#player').empty();
$('#player').attr('href',$('#stream_protocol').val()+'://'+$('#stream_host').val()+':'+$('#stream_port').val()+'/'+$('#stream_file').val());
- flowplayer("player", "http://releases.flowplayer.org/swf/flowplayer-3.2.7.swf");
+ flowplayer("player", "https://releases.flowplayer.org/swf/flowplayer-3.2.7.swf");
});
//]]>
</script>
More information about the vlc-commits
mailing list