HTTPS and the Triton Digital V4 Player
Last Updated -
This article is for: station technicians, managers, etc.
Using: Triton Digital V4 Player.
Objective: Understand Triton Digital's support for HTTPS and the V4 Player.
More and more web sites and web services are migrating from HTTP to secure HTTPS. Triton Digital supports HTTPS everywhere that it is required; but it is important to understand that it is not required everywhere. Using HTTPS where it is not needed could lead to other issues.
Currently, Triton Digital supports HTTPS for the following items:
- Mobile and Player SDKs;
- Widget-based players;
- Player Services and other data endpoints;
- Webcast Metrics;
- Tap, and delivery of ads.
However, it is not necessary to use HTTPS with the V4 Player for several reasons, including:
- The V4 Player is a "standalone" site that is not integrated with other HTTPS content.
- The V4 Player does not have interaction features where the listener enters data that needs to be secured. (The listener can search for a show in the schedules, but this does not reveal any personal or targeting information that requires a secure HTTPS connection.)
Bear in mind the trend in which listeners are moving away from web browser-based players like the V4 Player, and towards players on mobile devices which usually allow for more interactions with the listener. Triton Digital's mobile SDK does support HTTPS for these applications.
It boils down to this: the V4 Player does not use HTTPS because it does not handle interactions that use personal information for targeting, and as such, there is nothing that needs to be secured. It's a bit like asking why an empty room doesn't have a lock on the door; the answer is because there's nothing in the room that needs to be protected.
Your V4 Player listeners should not experience any inconvenience when using the player's HTTP connection for normal listening. Due to recent changes in the Google Chrome browser, they will see a small "Page is not secure" warning if they interact with the player -- which in V4 is limited to searching the schedule -- but the warning is discreet and easily dismissed. It will not block the stream or prevent your listeners from hearing your live stream or your ads.
Note: as of Chrome 62, listeners will also see this warning if they use the V4 Player in "Incognito" mode, but again, the warning is easily dismissed and does not indicate a specific security problem.
For more information, see Google's Security Blog: