My webapp uses YUI library exactly as recommended in the doc:
<script src="http://yui.yahooapis.com/3.18.1/build/yui/yui-min.js"></script>
PROBLEM: Modern browsers do not load it anymore, citing mixed HTTPS/HTTP concerns.
Replacing http with https in the URL above does not work (they have a certificate problem).
Copying yui-min.js to my HTTPS domain does not work either, because the JavaScript seems to contain its own URL within its minified source code, for instance here:
[...] var p,b,q="3.4.1",h=".",n="http://yui.yahooapis.com/",t= [...]
I tried modifying the variable above directly in the minified code, but that broke things as now YUI for some reason tries to load https://myserver/combo, which obviously does not exist.
QUESTION: What is the right way to switch the YUI library to HTTPS?
http://blog.andrewbruce.net/why-is-serving-yui3-over-https-so-hard describes this problem as "one of the most frustrating development problems I’ve come across in my career", and describe how 3 techniques failed, and how he resorted to perform network sniffing and identify traffic for each browser he wanted to support. I would like to avoid this as I can not test on all browsers.
A recent glimmer of hope is the appearance of https://yui-s.yahooapis.com/combo?2.6.0/build/animation/animation-min.js which might lead to a usable HTTPS/YUI without having to go through much trouble.
Similar old question, but sole answer is based on YUI Configurator, which has been deprecated and is now unavailable.
