how to embed a youku video on an HTTPS site?

Youku player serves some resources (like preview images or alternative sources for video) under http, not https - and this might be the main culprit of "partially insecure content" issue in browsers. This problem is caused by Youku player itself, it's quite possible to change the code loaded from their servers.

However, the problem can be solved in most simple and convenient way by rewriting insecure http requests on given page with secure https requests - it possible to achieve this by including CSP meta tag in page header:

  <meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests">

The "Content-Security-Policy" response header allows to control resources the user agent is allowed to load on given page (more information here).

What "upgrade-insecure-requests" directive does: "Instructs user agents to treat all of a site's insecure URLs (those served over HTTP) as though they have been replaced with secure URLs (those served over HTTPS). This directive is intended for web sites with large numbers of insecure legacy URLs that need to be rewritten."

The original solution was found in this post.

hi，we had supported（sorry for later）

for example:

1

<iframe height=498 width=510 src='https://player.youku.com/embed/XMTg3Nzg4MzY4NA==' frameborder=0 'allowfullscreen'></iframe>

2

https://player.youku.com/player.php/sid/XMTg3Nzg4MzY4NA==/v.swf

3:

<embed src='https://player.youku.com/player.php/sid/XMTg3Nzg4MzY4NA==/v.swf allowFullScreen='true' quality='high' width='480' height='400' align='middle' allowScriptAccess='always' type='application/x-shockwave-flash'></embed>