Server geändert

htmlpurifier-4.10.0/docs/enduser-youtube.html

@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
-    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head>
+    "https://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="https://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head>
 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
 <meta name="description" content="Explains how to safely allow the embedding of flash from trusted sites in HTML Purifier." />
 <link rel="stylesheet" type="text/css" href="./style.css" />
@@ -15,7 +15,7 @@
 
 <div id="filing">Filed under End-User</div>
 <div id="index">Return to the <a href="index.html">index</a>.</div>
-<div id="home"><a href="http://htmlpurifier.org/">HTML Purifier</a> End-User Documentation</div>
+<div id="home"><a href="https://htmlpurifier.org/">HTML Purifier</a> End-User Documentation</div>
 
 <p>Clients like their YouTube videos. It gives them a warm fuzzy feeling when
 they see a neat little embedded video player on their websites that can play
@@ -26,7 +26,7 @@ content in their pages is something that a lot of people like.</p>
 <p>This is a <em>bad</em> idea. The moment you embed anything untrusted,
 you will definitely be slammed by a manner of nasties that can be
 embedded in things from your run of the mill Flash movie to
-<a href="http://blog.spywareguide.com/2006/12/myspace_phish_attack_leads_use.html">Quicktime movies</a>.
+<a href="https://blog.spywareguide.com/2006/12/myspace_phish_attack_leads_use.html">Quicktime movies</a>.
 Even <code>img</code> tags, which HTML Purifier allows by default, can be
 dangerous. Be distrustful of anything that tells a browser to load content
 from another website automatically.</p>
@@ -48,9 +48,9 @@ into your documents. YouTube's code goes like this:</p>
 
 <pre>
 &lt;object width=&quot;425&quot; height=&quot;350&quot;&gt;
-  &lt;param name=&quot;movie&quot; value=&quot;http://www.youtube.com/v/AyPzM5WK8ys&quot; /&gt;
+  &lt;param name=&quot;movie&quot; value=&quot;https://www.youtube.com/v/AyPzM5WK8ys&quot; /&gt;
   &lt;param name=&quot;wmode&quot; value=&quot;transparent&quot; /&gt;
-  &lt;embed src=&quot;http://www.youtube.com/v/AyPzM5WK8ys&quot;
+  &lt;embed src=&quot;https://www.youtube.com/v/AyPzM5WK8ys&quot;
          type=&quot;application/x-shockwave-flash&quot;
          wmode=&quot;transparent&quot; width=&quot;425&quot; height=&quot;350&quot; /&gt;
 &lt;/object&gt;
@@ -70,7 +70,7 @@ into your documents. YouTube's code goes like this:</p>
 class=&quot;youtube-embed&quot;&gt;AyPzM5WK8ys&lt;/span&gt;</code> your
 application can reconstruct the full object from this small snippet that
 passes through HTML Purifier <em>unharmed</em>.
-<a href="http://repo.or.cz/w/htmlpurifier.git?a=blob;hb=HEAD;f=library/HTMLPurifier/Filter/YouTube.php">Show me the code!</a></p>
+<a href="https://repo.or.cz/w/htmlpurifier.git?a=blob;hb=HEAD;f=library/HTMLPurifier/Filter/YouTube.php">Show me the code!</a></p>
 
 <p>And the corresponding usage:</p>
 
@@ -124,9 +124,9 @@ number.</p>
 tech-savvy enough people not to allow their users to inject malicious
 code into the Flash files.  An exploit on YouTube means an exploit on your
 site.  Even though YouTube is run by the reputable Google, it
-<a href="http://ha.ckers.org/blog/20061213/google-xss-vuln/">doesn't</a>
+<a href="https://ha.ckers.org/blog/20061213/google-xss-vuln/">doesn't</a>
 mean they are
-<a href="http://ha.ckers.org/blog/20061208/xss-in-googles-orkut/">invulnerable.</a>
+<a href="https://ha.ckers.org/blog/20061208/xss-in-googles-orkut/">invulnerable.</a>
 You're putting a certain measure of the job on an external provider (just as
 you have by entrusting your user input to HTML Purifier), and
 it is important that you are cognizant of the risk.</p>