If a page is served over SSL (https), then any content loaded from non-SSL
sources (e.g. http://youtube.com/) will cause errors to show in the
browser. To prevent this, it's best to use the SSL equivelants where they
exist (e.g. https://youtube.com/).
Unfortunately, it isn't possible to accurately determine whether the
current page is loaded over an SSL connection or not in Moodle.
Since including content from an external SSL site on a non-SSL moodle page
does not lead to browser warnings, but non-SSL external content on an SSL
moodle page does, we always use SSL where available.
Note: This does not lead to any additional processing requirements for the
moodle site.
This fixes WCAG 2.0 compliance because we were already using HTML5 markup.
The strict XML headers setting never worked for production servers, developers
used browser validators for compliance testing. XHTML 5 option is relatively
similar to this obsolete option, but still it can not be used on production servers.
XHTML Strict 1.x was a standardised dead end, HTML5 is the new de-facto-standard
supported by all major browsers including latest versions of IE.
Please note nothing changes in our coding style because HTML5 is a superset of
several previous standards, it is recommended to use only features that are
already implemented in all our supported browsers.
