Help

HTTPS TokBox video opentok.min.js is Unsecure

Ask questions about how to do or fix things in Arrowchat
Post a reply
User avatar
ntorres
Customer
 
Posts: 5
Joined: 08 Oct 2015, 10:12

 

by ntorres 23 Dec 2015, 16:33

When using HTTPS for the site, with Secure messaging enabled in ArrowChat, and TokBox configured for video chat, users are not able to video chat unless they allow unsecure content on the page.

Messaging is working just fine, but there is still content on the page that is insecure, namely the Gravatar links. This can be bypassed by disabling Gravatars, but this isn't ideal nor the main issue.

When accepting a video chat, the page remains white with the loading gif and that's it. With FireBug enabled you get the message:
Blocked loading mixed active content "http://static.opentok.com/webrtc/v2.2/js/opentok.min.js"

You cannot video chat unless you allow insecure content, this is not acceptable.

How do we fix this?
User avatar
INanaa
Customer
 
Posts: 8
Joined: 30 Nov 2015, 02:09

 

by INanaa 01 Jan 2016, 01:17

I got the same problem as above but with tineychat ! using https in my site as well.
User avatar
Jason
Customer
 
Posts: 2356
Joined: 12 Dec 2009, 16:06

 

by Jason 01 Jan 2016, 14:29

In the arrowchat/public/video/index.php file, you need to update the script to https://static.opentok.com/v2/js/opentok.min.js. We've fixed this in the next update.
User avatar
ntorres
Customer
 
Posts: 5
Joined: 08 Oct 2015, 10:12

 

by ntorres 06 Jan 2016, 08:39

Jason wrote:In the arrowchat/public/video/index.php file, you need to update the script to https://static.opentok.com/v2/js/opentok.min.js. We've fixed this in the next update.


What about the invitation links?

I had to manually update arrowchat/public/video/invited.php line 49 and replace http with https in order to use the Invite button in the chat window.

But when initiating a video chat with another member, clicking the Accept button again redirects to http. Where in the code can I change that to use https? This executes a javascript function, but I can't easily figure out where the link value is created in order to change it.

When can we expect an update from arrow chat with regards to these https issues?

Will this new version offer 100% support for https websites?

Chrome has already dropped support for video over http so any Chrome users cannot use this video chat service on https sites, so these are urgent issues which need to be fixed.
User avatar
ntorres
Customer
 
Posts: 5
Joined: 08 Oct 2015, 10:12

 

by ntorres 06 Jan 2016, 08:52

The javascript executed when clicking accept is:
jqac.arrowchat.videoWith( SOME_SESSION_VAR );

Thank you.
User avatar
Jason
Customer
 
Posts: 2356
Joined: 12 Dec 2009, 16:06

 

by Jason 06 Jan 2016, 12:28

When clicking the accept link, we do not specify http or https. The popup is built as follows:

{ArrowChat base URL}/public/video/
Post a reply
Return to “ArrowChat Troubleshooting and Installation Help”