I tend to embed YouTube clips pretty regularly over at Jason Off The Clock but if you don’t check out the embed options as frequently, things have been changing in that area recently. Iframe embedding has gone from beta to the default for clip embedding while the previous object/embed code is now only accessible if you check the box ‘use old embed code’ or ‘Enable privacy-enhanced mode’. Today, a new change was added to the options: ‘Use HTTPS’. In both new and old code, checking this box changes the http://www.you… to https://www.you…
This also correctly implies that you could be (and should be) browsing YouTube through its SSL-enabled site: https://www.youtube.com. This is of particular importance when logging into YouTube over a public, unsecured WiFi network lest your account (which may be tied to your Google account) get easily picked up by FireSheep or other packet sniffers.
The YouTube Help Page expounds on the subject:
HTTPS, the secure counterpart to HTTP, wraps a layer of encryption around the information traveling between your computer and a web server. This is typically used to provide enhanced privacy and security for services like web browsing, e-mail and instant messaging.Many sites that offer HTTPS support include content from other sites. When some parts of the site are not accessed using HTTPS, browsers generate a “mixed content” warning since not all items on this page are secure. Sites that use HTTPS and add default YouTube video embeds could generate this warning. To avoid that, and to allow your site to support HTTPS more consistently, you can choose the new Use HTTPS embed option.
It is important to note that while embed components are all supported using HTTPS and do not generate the mixed content error, we do not yet support video streams over HTTPS.
Using HTTPS option for embeds
If you’d like to use HTTPS embeds for a video that you’re about to embed on another site, simply:
- Find the video that you’d like to embed.
- Go to the video watch page and click on the Embed button below the video player. You’ll see various options, including the Use HTTPS checkbox, directly below the embed code.
- Click the Use HTTPS checkbox to enable HTTPS on the embed of this video
- Copy the video’s embed code and paste the code into the section of the site where you’d like the video embedded. The video will be embedded in HTTPS mode.
It’s also interesting to note that this page was updated tomorrow…