YouTube videos play with Flash instead of HTML5 if using HTTPS
Recently, I've noticed that when playing a YouTube video with HTTPS in its URL it plays with Flash instead of HTML5 even if I have the HTML5 trial enabled.
Searching I found this: https://github.com/klemens/ff-youtube-all-html5/issues/24
In one of the links posted there, it said that videos could be played with HTML5 if you're not logged in. In fact, I can only play them when I'm not logged in, but only changing HTTPS to HTTP. (if I try with HTTPS it plays with Flash too)
If I try to change it to HTTP while being logged in it still uses HTTPS instead.
The curious thing is that whether being logged in or not, if it's using HTTPS the video plays with Flash and it isn't actually using SSL (anyway, I have "security.ssl3.rsa_rc4_128_sha" set to true).
Firefox says it's using "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256" so I don't really know why it doesn't work.
Any ideas?
Bewurke troch DaRk_St0rM op
Alle antwurden (8)
This may be because of a cookie problem, are your YouTube cookies automatically deleted?
Mmm, Firefox is set to delete navigation history and stuff when closed,but I'm not really sure about that.How could I check?
Go to settings, then Privacy. If it says under History: Firefox will never remember history then it will use the same settings as private browsing. I recommend using the add-on "Self-destructing cookies". Change the setting (for Firefox) to Firefox will remember history and use Self-Destructing cookies. This will destroy cookies for all sites unless you want them. This may solve your problem, but it may not if the problem isn't a cookie problem.
Ok I just tried it, videos still play with Flash. Thanks for your answer anyway :)
I just tried getting the "videoplayback" URL of a HTML5 video and opening it directly in Firefox, if I change to HTTPS Firefox says it's using "SSL_RSA_WITH_RC4_128_SHA", so I guess that bug was right and actually YouTube can use TLS, but the video servers need to use RC4.
But again, I have "security.ssl3.rsa_rc4_128_sha" set to true in my about:config.Are there any other variables there which could be causing this behavior?
Sorry, I don't know...
Today I had the opportunity to use a GNU/Linux system.YouTube videos could be played perfectly even while being logged in using HTML5 and HTTPS, at least with WebM. It's rather curious.
EDIT: I tried in Windows now, it's working too. It still uses "SSL_RSA_WITH_RC4_128_SHA" but for some reason the problem is gone.
Bewurke troch DaRk_St0rM op
SSL_RSA_WITH_RC4_128_SHA (TLS_RSA_WITH_RC4_128_SHA) is only used to contact the servers that host the actual media files (TLS 1.2 or 1.1 should be used) and not for the main files used on the YouTube site.
See also: