December 23 Update: Our transition to SSL is now complete.

Scalar users with projects hosted on ANVC servers will soon get the benefit of increased security, as we move to encrypted connections via SSL/HTTPS. This transition, part of an industry-wide shift which has already touched most of the sites you use every day, will occur on our Scalar servers on the morning (PST) of December 19. As a result, it’s important that Scalar users with projects on our servers audit their projects for non-HTTPS external media as soon as possible to prevent content from disappearing unexpectedly.

The good news is that most of your non-HTTPS links probably don’t need updating, because the most popular sites on the web already redirect those URLs to their HTTPS counterparts. You can test this by visiting one of your links that begins with http://, and then checking the address bar in your browser once the page comes up. If the address bar now says https://, then the redirect happened automatically and you don’t need to make any changes. If the URL still says http://, however, then you’ve found a link that your browser may prevent Scalar from accessing.

For example, if your media comes from these domains, no changes are needed:

youtube.com
vimeo.com
archive.org
soundcloud.com
criticalcommons.org

In addition, most browsers will still display media files like images, audio, and video loaded from non-HTTPS sources. More complex media embeds and iframes, however, may be blocked.

So where do you look for non-HTTPS links in your Scalar projects?

Media. Most browsers today will still display media files like images, audio, and video loaded from non-HTTPS sources. This could change in the future, however, so it’s worth knowing where your media stands. Any media item in your project that doesn’t originate from one of the domains listed above should be checked.

Embeds and IFrames. Links to non-HTTPS sites from your project’s pages, paths, tags, annotations, and comments will still work. However, any non-HTTPS content embedded into a Scalar page via an iframe or other means will fail to load.

API-driven external projects. This is rare, but if you are loading Scalar content into a non-HTTPS external site via Scalar’s API, that content will stop loading once we make the transition. You’ll need to move your site to HTTPS hosting to continue accessing the API.

We realize this transition may be confusing, and we’re here to answer any questions you may have—please don’t hesitate to reach out to us. We’ll post additional updates as the switch nears.

Photo by Markus Spiske on Unsplash