YouTube IFrame API generates mixed content warning with HTTPS + HTML5

Question

When I embed youtube on an HTTPS page using the iframe api in HTML5 mode , it still pulls the actual stream using HTTP, which generates a mixed content warning. Is this usecase

Answer 1

You can fix this by configuring your iframe API script to look like this.

Use '//' for the tag src

var tag = document.createElement('script');
tag.src = "//www.youtube.com/iframe_api";
var firstScriptTag = document.getElementsByTagName('script')[0];
firstScriptTag.parentNode.insertBefore(tag, firstScriptTag);
var url = window.location.pathname; 

This will cause the player to load the resources using the same protocol as the page it is embedded on.