This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.
Mixed Content (https://w3c.github.io/webappsec/specs/mixedcontent/) provides a mechanism for secure origins to load audio/video/source content from insecure origins as optionally-blockable content (though the user agent, the document settings, or the user could block the load, and the user agent should indicate that mixed content is present). However, the same insecure origin content does not work with secure origin MSE because it is treated as blocked content. This bug tracks aligning MSE with the existing Mixed Content behavior for video.src=.
A current proposal for allowing MSE to work with mixed content is described in https://lists.w3.org/Archives/Public/public-html-media/2015Apr/0013.html. Roughly, the proposal depends on: Streams API defining an opaque Stream with properties [described in the proposal] . Fetch implementing support for opaque Responses [described in the proposal] Fetch exposing Streams, including opaque ones, from the Response object. Mixed Content spec including opaque Responses and/or Streams as appropriate.
Whilst I don't have any particular objections to this, I'd note that no one responded to the original proposal to indicate that they would find this useful.
This bug has been migrated to the GitHub issue tracker. Please follow/update progress using the GitHub issue: https://github.com/w3c/media-source/issues/22