From 7eb5ff250ad72f21211f42d9c78ffe2cbfc998cc Mon Sep 17 00:00:00 2001
From: Romain Deltour <rdeltour@gmail.com>
Date: Mon, 21 Nov 2022 01:50:53 +0100
Subject: [PATCH] feat: warn about non-HTTPS remote resource references

This commit introduces a new check `RSC-031` (warning) that is reported
when a reference to a remote resource (font, audio, video) is not using
HTTPS.

Fix #1337
---
 .../epubcheck/messages/DefaultSeverities.java |  1 +
 .../adobe/epubcheck/messages/MessageId.java   |  1 +
 .../com/adobe/epubcheck/opf/XRefChecker.java  | 50 ++++++++++++-------
 .../messages/MessageBundle.properties         |  1 +
 .../EPUB/content_001.xhtml                    |  4 +-
 .../EPUB/package.opf                          |  4 +-
 .../EPUB/content_001.xhtml                    |  4 +-
 .../EPUB/package.opf                          |  4 +-
 .../EPUB/content_001.xhtml                    |  4 +-
 .../EPUB/package.opf                          |  5 +-
 .../EPUB/content_001.xhtml                    | 11 ++++
 .../EPUB/nav.xhtml                            | 14 ++++++
 .../EPUB/package.opf                          | 20 ++++++++
 .../EPUB/style.css                            |  4 ++
 .../META-INF/container.xml                    |  6 +++
 .../mimetype                                  |  1 +
 .../EPUB/content_001.xhtml                    |  4 +-
 .../EPUB/package.opf                          |  5 +-
 .../epub3/03-resources/resources.feature      |  6 +++
 .../EPUB/content_001.xhtml                    |  2 +-
 .../EPUB/package.opf                          |  2 +-
 .../EPUB/chapter_001_overlay.smil             |  2 +-
 .../EPUB/package.opf                          |  2 +-
 .../EPUB/content_001.xhtml                    |  2 +-
 .../EPUB/package.opf                          |  2 +-
 .../EPUB/content_001.xhtml                    |  4 +-
 .../EPUB/package.opf                          |  2 +-
 .../EPUB/content_001.xhtml                    |  2 +-
 .../EPUB/content_001.xhtml                    |  2 +-
 .../EPUB/package.opf                          |  2 +-
 30 files changed, 123 insertions(+), 50 deletions(-)
 create mode 100644 src/test/resources/epub3/03-resources/files/resources-remote-not-https-warning/EPUB/content_001.xhtml
 create mode 100644 src/test/resources/epub3/03-resources/files/resources-remote-not-https-warning/EPUB/nav.xhtml
 create mode 100644 src/test/resources/epub3/03-resources/files/resources-remote-not-https-warning/EPUB/package.opf
 create mode 100644 src/test/resources/epub3/03-resources/files/resources-remote-not-https-warning/EPUB/style.css
 create mode 100644 src/test/resources/epub3/03-resources/files/resources-remote-not-https-warning/META-INF/container.xml
 create mode 100644 src/test/resources/epub3/03-resources/files/resources-remote-not-https-warning/mimetype

diff --git a/src/main/java/com/adobe/epubcheck/messages/DefaultSeverities.java b/src/main/java/com/adobe/epubcheck/messages/DefaultSeverities.java
index aaa61f901..8a2fbcf73 100644
--- a/src/main/java/com/adobe/epubcheck/messages/DefaultSeverities.java
+++ b/src/main/java/com/adobe/epubcheck/messages/DefaultSeverities.java
@@ -347,6 +347,7 @@ private void initialize()
     severities.put(MessageId.RSC_028, Severity.ERROR);
     severities.put(MessageId.RSC_029, Severity.ERROR);
     severities.put(MessageId.RSC_030, Severity.ERROR);
+    severities.put(MessageId.RSC_031, Severity.WARNING);
 
     // Scripting
     severities.put(MessageId.SCP_001, Severity.SUPPRESSED); // checking scripts is out of scope
diff --git a/src/main/java/com/adobe/epubcheck/messages/MessageId.java b/src/main/java/com/adobe/epubcheck/messages/MessageId.java
index c1f2a6135..cb0939912 100644
--- a/src/main/java/com/adobe/epubcheck/messages/MessageId.java
+++ b/src/main/java/com/adobe/epubcheck/messages/MessageId.java
@@ -341,6 +341,7 @@ public enum MessageId implements Comparable<MessageId>
   RSC_028("RSC-028"),
   RSC_029("RSC-029"),
   RSC_030("RSC-030"),
+  RSC_031("RSC-031"),
 
   // Messages relating to scripting
   SCP_001("SCP-001"),
diff --git a/src/main/java/com/adobe/epubcheck/opf/XRefChecker.java b/src/main/java/com/adobe/epubcheck/opf/XRefChecker.java
index 731841ffb..b284c83a2 100755
--- a/src/main/java/com/adobe/epubcheck/opf/XRefChecker.java
+++ b/src/main/java/com/adobe/epubcheck/opf/XRefChecker.java
@@ -286,7 +286,7 @@ public Optional<OPFItem> getResource(URL url)
    * Returns set (possibly multiple) types of references to the given resource
    * 
    * @param path
-   *          the path to a publication resource
+   *        the path to a publication resource
    * @return an immutable {@link EnumSet} containing the types of references to
    *           {@code path}.
    */
@@ -428,24 +428,38 @@ private void checkReference(URLReference reference)
     URLFragment fragment = URLFragment.parse(reference.url, targetMimetype);
 
     // Check remote resources
-    if (container.isRemote(reference.url)
-        // remote links and hyperlinks are not Publication Resources
-        && !EnumSet.of(Type.LINK, Type.HYPERLINK).contains(reference.type)
-        // spine items are checked in OPFChecker30
-        && !(version == EPUBVersion.VERSION_3 && targetResource != null
-            && targetResource.isInSpine())
-        // audio, video, and fonts can be remote resources in EPUB 3
-        && !(version == EPUBVersion.VERSION_3 && (targetResource != null
-            // if the item is declared, check its mime type
-            && (OPFChecker30.isAudioType(targetResource.getMimeType())
-                || OPFChecker30.isVideoType(targetResource.getMimeType())
-                || OPFChecker30.isFontType(targetResource.getMimeType()))
-            // else, check if the reference is a type allowing remote resources
-            || reference.type == Type.FONT || reference.type == Type.AUDIO
-            || reference.type == Type.VIDEO)))
+    if (container.isRemote(reference.url))
     {
-      report.message(MessageId.RSC_006, reference.location.context(reference.targetDoc.toString()));
-      return;
+      // Check if the remote reference is allowed
+      if (// remote links and hyperlinks are not Publication Resources
+      !EnumSet.of(Type.LINK, Type.HYPERLINK).contains(reference.type)
+          // spine items are checked in OPFChecker30
+          && !(version == EPUBVersion.VERSION_3 && targetResource != null
+              && targetResource.isInSpine())
+          // audio, video, and fonts can be remote resources in EPUB 3
+          && !(version == EPUBVersion.VERSION_3 && (targetResource != null
+              // if the item is declared, check its mime type
+              && (OPFChecker30.isAudioType(targetResource.getMimeType())
+                  || OPFChecker30.isVideoType(targetResource.getMimeType())
+                  || OPFChecker30.isFontType(targetResource.getMimeType()))
+              // else, check if the reference is a type allowing remote
+              // resources
+              || reference.type == Type.FONT || reference.type == Type.AUDIO
+              || reference.type == Type.VIDEO)))
+      {
+        report.message(MessageId.RSC_006,
+            reference.location.context(reference.targetDoc.toString()));
+        return;
+      }
+      // Check if the remote resource is using HTTPS
+      else if (version == EPUBVersion.VERSION_3
+          && !EnumSet.of(Type.LINK, Type.HYPERLINK).contains(reference.type)
+          && !"https".equals(reference.url.scheme())
+          // file URLs are disallowed and reported elsewhere
+          && !"file".equals(reference.url.scheme()))
+      {
+        report.message(MessageId.RSC_031, reference.location, reference.url);
+      }
     }
 
     // Check undeclared resources
diff --git a/src/main/resources/com/adobe/epubcheck/messages/MessageBundle.properties b/src/main/resources/com/adobe/epubcheck/messages/MessageBundle.properties
index 638f73a0a..71af7506c 100644
--- a/src/main/resources/com/adobe/epubcheck/messages/MessageBundle.properties
+++ b/src/main/resources/com/adobe/epubcheck/messages/MessageBundle.properties
@@ -356,6 +356,7 @@ RSC_027=XML document is encoded in UTF-16. It should be encoded in UTF-8 instead
 RSC_028=XML documents must be encoded in UTF-8, but %1%s was detected.
 RSC_029=Data URL is not allowed in this context.
 RSC_030=File URLs are not allowed in EPUB, but found "%1$s".
+RSC_031=Remote resource references should use HTTPS, but found "%1$s".
 
 #Scripting
 SCP_001=Use of Javascript eval() function in EPUB scripts is a security risk.
diff --git a/src/test/resources/epub3/03-resources/files/resources-remote-audio-sources-foreign-valid/EPUB/content_001.xhtml b/src/test/resources/epub3/03-resources/files/resources-remote-audio-sources-foreign-valid/EPUB/content_001.xhtml
index ae3a9a5f7..423cb5fcf 100644
--- a/src/test/resources/epub3/03-resources/files/resources-remote-audio-sources-foreign-valid/EPUB/content_001.xhtml
+++ b/src/test/resources/epub3/03-resources/files/resources-remote-audio-sources-foreign-valid/EPUB/content_001.xhtml
@@ -7,8 +7,8 @@
 	<body>
 		<!-- remote audio sources, one in a foreign type -->
 		<audio>
-			<source src="http://example.org/remote.foo" />
-			<source src="http://example.org/remote.mp4" />
+			<source src="https://example.org/remote.foo" />
+			<source src="https://example.org/remote.mp4" />
 		</audio>
 	</body>
 </html>
diff --git a/src/test/resources/epub3/03-resources/files/resources-remote-audio-sources-foreign-valid/EPUB/package.opf b/src/test/resources/epub3/03-resources/files/resources-remote-audio-sources-foreign-valid/EPUB/package.opf
index 4b20abadc..05658317f 100644
--- a/src/test/resources/epub3/03-resources/files/resources-remote-audio-sources-foreign-valid/EPUB/package.opf
+++ b/src/test/resources/epub3/03-resources/files/resources-remote-audio-sources-foreign-valid/EPUB/package.opf
@@ -9,8 +9,8 @@
 <manifest>
   <item id="content_001"  href="content_001.xhtml" media-type="application/xhtml+xml" properties="remote-resources"/>
   <item id="nav"  href="nav.xhtml" media-type="application/xhtml+xml" properties="nav"/>
-  <item id="audio" href="http://example.org/remote.foo" media-type="audio/foo"/>
-  <item id="audio-fallback" href="http://example.org/remote.mp4" media-type="audio/mp4" /></manifest>
+  <item id="audio" href="https://example.org/remote.foo" media-type="audio/foo"/>
+  <item id="audio-fallback" href="https://example.org/remote.mp4" media-type="audio/mp4" /></manifest>
 <spine>
   <itemref idref="content_001" />
 </spine>
diff --git a/src/test/resources/epub3/03-resources/files/resources-remote-audio-sources-valid/EPUB/content_001.xhtml b/src/test/resources/epub3/03-resources/files/resources-remote-audio-sources-valid/EPUB/content_001.xhtml
index 468f27d79..4dd89977f 100644
--- a/src/test/resources/epub3/03-resources/files/resources-remote-audio-sources-valid/EPUB/content_001.xhtml
+++ b/src/test/resources/epub3/03-resources/files/resources-remote-audio-sources-valid/EPUB/content_001.xhtml
@@ -6,8 +6,8 @@
 	</head>
 	<body>
 		<audio controls="controls">
-			<source src="http://example.com/audio/src-1.mp4" type="audio/mp4"/>
-			<source src="http://example.com/audio/src-2.mp4" type="audio/mp4"/>
+			<source src="https://example.com/audio/src-1.mp4" type="audio/mp4"/>
+			<source src="https://example.com/audio/src-2.mp4" type="audio/mp4"/>
 		</audio>
 	</body>
 </html>
diff --git a/src/test/resources/epub3/03-resources/files/resources-remote-audio-sources-valid/EPUB/package.opf b/src/test/resources/epub3/03-resources/files/resources-remote-audio-sources-valid/EPUB/package.opf
index fca255aa6..c7d629d69 100644
--- a/src/test/resources/epub3/03-resources/files/resources-remote-audio-sources-valid/EPUB/package.opf
+++ b/src/test/resources/epub3/03-resources/files/resources-remote-audio-sources-valid/EPUB/package.opf
@@ -9,8 +9,8 @@
 <manifest>
   <item id="content_001"  href="content_001.xhtml" media-type="application/xhtml+xml" properties="remote-resources"/>
   <item id="nav"  href="nav.xhtml" media-type="application/xhtml+xml" properties="nav"/>
-  <item id="audio1" href="http://example.com/audio/src-1.mp4" media-type="audio/mp4" />
-  <item id="audio2" href="http://example.com/audio/src-2.mp4" media-type="audio/mp4" />
+  <item id="audio1" href="https://example.com/audio/src-1.mp4" media-type="audio/mp4" />
+  <item id="audio2" href="https://example.com/audio/src-2.mp4" media-type="audio/mp4" />
 </manifest>
 <spine>
   <itemref idref="content_001" />
diff --git a/src/test/resources/epub3/03-resources/files/resources-remote-audio-valid/EPUB/content_001.xhtml b/src/test/resources/epub3/03-resources/files/resources-remote-audio-valid/EPUB/content_001.xhtml
index 6499dbd8c..0e388c2b6 100644
--- a/src/test/resources/epub3/03-resources/files/resources-remote-audio-valid/EPUB/content_001.xhtml
+++ b/src/test/resources/epub3/03-resources/files/resources-remote-audio-valid/EPUB/content_001.xhtml
@@ -5,11 +5,9 @@
 		<title>Minimal EPUB</title>
 	</head>
 	<body>
-		<!-- remote http URL -->
-		<audio src="http://example.org/remote.mp4" />
 		<!-- remote https URL -->
 		<audio src="https://example.org/remote.mp4" />
 		<!-- remote URL with query -->
-		<audio src="http://example.org/remote.mp4?test" />
+		<audio src="https://example.org/remote.mp4?test" />
 	</body>
 </html>
diff --git a/src/test/resources/epub3/03-resources/files/resources-remote-audio-valid/EPUB/package.opf b/src/test/resources/epub3/03-resources/files/resources-remote-audio-valid/EPUB/package.opf
index a3b3858f6..888dc3925 100644
--- a/src/test/resources/epub3/03-resources/files/resources-remote-audio-valid/EPUB/package.opf
+++ b/src/test/resources/epub3/03-resources/files/resources-remote-audio-valid/EPUB/package.opf
@@ -9,9 +9,8 @@
 <manifest>
   <item id="content_001"  href="content_001.xhtml" media-type="application/xhtml+xml" properties="remote-resources"/>
   <item id="nav"  href="nav.xhtml" media-type="application/xhtml+xml" properties="nav"/>
-  <item id="audio-1" href="http://example.org/remote.mp4" media-type="audio/mp4" />
-  <item id="audio-2" href="https://example.org/remote.mp4" media-type="audio/mp4" />
-  <item id="audio-3" href="http://example.org/remote.mp4?test" media-type="audio/mp4" />
+  <item id="audio-1" href="https://example.org/remote.mp4" media-type="audio/mp4" />
+  <item id="audio-2" href="https://example.org/remote.mp4?test" media-type="audio/mp4" />
 </manifest>
 <spine>
   <itemref idref="content_001" />
diff --git a/src/test/resources/epub3/03-resources/files/resources-remote-not-https-warning/EPUB/content_001.xhtml b/src/test/resources/epub3/03-resources/files/resources-remote-not-https-warning/EPUB/content_001.xhtml
new file mode 100644
index 000000000..2adfccf8a
--- /dev/null
+++ b/src/test/resources/epub3/03-resources/files/resources-remote-not-https-warning/EPUB/content_001.xhtml
@@ -0,0 +1,11 @@
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+	<head>
+		<meta charset="utf-8" />
+		<title>Minimal EPUB</title>
+	</head>
+	<body>
+		<audio src="http://example.org/audio.mp4" /><!--not https-->
+		<video src="http://example.org/video.mp4" /><!--not https-->
+	</body>
+</html>
diff --git a/src/test/resources/epub3/03-resources/files/resources-remote-not-https-warning/EPUB/nav.xhtml b/src/test/resources/epub3/03-resources/files/resources-remote-not-https-warning/EPUB/nav.xhtml
new file mode 100644
index 000000000..240745e63
--- /dev/null
+++ b/src/test/resources/epub3/03-resources/files/resources-remote-not-https-warning/EPUB/nav.xhtml
@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml" xmlns:epub="http://www.idpf.org/2007/ops" xml:lang="en" lang="en">
+	<head>
+		<meta charset="utf-8"/>
+		<title>Minimal Nav</title>
+	</head>
+	<body>
+		<nav epub:type="toc">
+			<ol>
+				<li><a href="content_001.xhtml">content 001</a></li>
+			</ol>
+		</nav>
+	</body>
+</html>
diff --git a/src/test/resources/epub3/03-resources/files/resources-remote-not-https-warning/EPUB/package.opf b/src/test/resources/epub3/03-resources/files/resources-remote-not-https-warning/EPUB/package.opf
new file mode 100644
index 000000000..f9263ed88
--- /dev/null
+++ b/src/test/resources/epub3/03-resources/files/resources-remote-not-https-warning/EPUB/package.opf
@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<package xmlns="http://www.idpf.org/2007/opf" version="3.0" xml:lang="en" unique-identifier="q">
+<metadata xmlns:dc="http://purl.org/dc/elements/1.1/">
+  <dc:title id="title">Minimal EPUB 3.0</dc:title>
+  <dc:language>en</dc:language>
+  <dc:identifier id="q">NOID</dc:identifier>
+  <meta property="dcterms:modified">2017-06-14T00:00:01Z</meta>
+</metadata>
+<manifest>
+  <item id="content_001"  href="content_001.xhtml" media-type="application/xhtml+xml" properties="remote-resources"/>
+  <item id="css"  href="style.css" media-type="text/css" properties="remote-resources"/>
+  <item id="nav"  href="nav.xhtml" media-type="application/xhtml+xml" properties="nav"/>
+  <item id="audio" href="http://example.org/audio.mp4" media-type="audio/mp4" />
+  <item id="font"  href="http://example.org/font" media-type="font/woff"/>
+  <item id="video" href="http://example.org/video.mp4" media-type="video/mp4" />
+</manifest>
+<spine>
+  <itemref idref="content_001" />
+</spine>
+</package>
\ No newline at end of file
diff --git a/src/test/resources/epub3/03-resources/files/resources-remote-not-https-warning/EPUB/style.css b/src/test/resources/epub3/03-resources/files/resources-remote-not-https-warning/EPUB/style.css
new file mode 100644
index 000000000..70c5f49b8
--- /dev/null
+++ b/src/test/resources/epub3/03-resources/files/resources-remote-not-https-warning/EPUB/style.css
@@ -0,0 +1,4 @@
+@font-face {
+  font-family: "Open Sans";
+  src: url("http://example.org/font") format("woff");
+}
\ No newline at end of file
diff --git a/src/test/resources/epub3/03-resources/files/resources-remote-not-https-warning/META-INF/container.xml b/src/test/resources/epub3/03-resources/files/resources-remote-not-https-warning/META-INF/container.xml
new file mode 100644
index 000000000..318782179
--- /dev/null
+++ b/src/test/resources/epub3/03-resources/files/resources-remote-not-https-warning/META-INF/container.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<container version="1.0" xmlns="urn:oasis:names:tc:opendocument:xmlns:container">
+	<rootfiles>
+		<rootfile full-path="EPUB/package.opf" media-type="application/oebps-package+xml"/>
+	</rootfiles>
+</container>
diff --git a/src/test/resources/epub3/03-resources/files/resources-remote-not-https-warning/mimetype b/src/test/resources/epub3/03-resources/files/resources-remote-not-https-warning/mimetype
new file mode 100644
index 000000000..57ef03f24
--- /dev/null
+++ b/src/test/resources/epub3/03-resources/files/resources-remote-not-https-warning/mimetype
@@ -0,0 +1 @@
+application/epub+zip
\ No newline at end of file
diff --git a/src/test/resources/epub3/03-resources/files/resources-remote-video-valid/EPUB/content_001.xhtml b/src/test/resources/epub3/03-resources/files/resources-remote-video-valid/EPUB/content_001.xhtml
index df96b741a..17cdfeb5d 100644
--- a/src/test/resources/epub3/03-resources/files/resources-remote-video-valid/EPUB/content_001.xhtml
+++ b/src/test/resources/epub3/03-resources/files/resources-remote-video-valid/EPUB/content_001.xhtml
@@ -5,11 +5,9 @@
 		<title>Minimal EPUB</title>
 	</head>
 	<body>
-		<!-- remote http URL -->
-		<video src="http://example.org/remote.mp4" />
 		<!-- remote https URL -->
 		<video src="https://example.org/remote.mp4" />
 		<!-- remote URL with query -->
-		<video src="http://example.org/remote.mp4?test" />
+		<video src="https://example.org/remote.mp4?test" />
 	</body>
 </html>
diff --git a/src/test/resources/epub3/03-resources/files/resources-remote-video-valid/EPUB/package.opf b/src/test/resources/epub3/03-resources/files/resources-remote-video-valid/EPUB/package.opf
index a67adf230..f4311079b 100644
--- a/src/test/resources/epub3/03-resources/files/resources-remote-video-valid/EPUB/package.opf
+++ b/src/test/resources/epub3/03-resources/files/resources-remote-video-valid/EPUB/package.opf
@@ -9,9 +9,8 @@
 <manifest>
   <item id="content_001"  href="content_001.xhtml" media-type="application/xhtml+xml" properties="remote-resources"/>
   <item id="nav"  href="nav.xhtml" media-type="application/xhtml+xml" properties="nav"/>
-  <item id="video-1" href="http://example.org/remote.mp4" media-type="video/mp4" />
-  <item id="video-2" href="https://example.org/remote.mp4" media-type="video/mp4" />
-  <item id="video-3" href="http://example.org/remote.mp4?test" media-type="video/mp4" />
+  <item id="video-1" href="https://example.org/remote.mp4" media-type="video/mp4" />
+  <item id="video-2" href="https://example.org/remote.mp4?test" media-type="video/mp4" />
 </manifest>
 <spine>
   <itemref idref="content_001" />
diff --git a/src/test/resources/epub3/03-resources/resources.feature b/src/test/resources/epub3/03-resources/resources.feature
index 16a8080b0..febcfb50f 100644
--- a/src/test/resources/epub3/03-resources/resources.feature
+++ b/src/test/resources/epub3/03-resources/resources.feature
@@ -385,6 +385,12 @@
     Then error RSC-006 is reported
     And no other errors or warnings are reported
 
+  @spec @xref:sec-resource-locations
+  Scenario: Warn about a remote resource with a non `https` URL
+    When checking EPUB 'resources-remote-not-https-warning'
+    Then warning RSC-031 is reported 3 times
+    And no other errors or warnings are reported
+
   ## 3.7 Data URLs
 
   @spec @xref:sec-data-urls
diff --git a/src/test/resources/epub3/05-package-document/files/package-manifest-prop-remote-resource-undeclared-error/EPUB/content_001.xhtml b/src/test/resources/epub3/05-package-document/files/package-manifest-prop-remote-resource-undeclared-error/EPUB/content_001.xhtml
index 0f815c5d5..cefdcff80 100644
--- a/src/test/resources/epub3/05-package-document/files/package-manifest-prop-remote-resource-undeclared-error/EPUB/content_001.xhtml
+++ b/src/test/resources/epub3/05-package-document/files/package-manifest-prop-remote-resource-undeclared-error/EPUB/content_001.xhtml
@@ -5,7 +5,7 @@
 		<title>Minimal EPUB</title>
 	</head>
 	<body>
-		<video src="http://test.com/lorem.ogg" width="640" height="360" controls="controls">
+		<video src="https://example.org/lorem.ogg" width="640" height="360" controls="controls">
 			Your reader doesn't support video!
 		</video>
 	</body>
diff --git a/src/test/resources/epub3/05-package-document/files/package-manifest-prop-remote-resource-undeclared-error/EPUB/package.opf b/src/test/resources/epub3/05-package-document/files/package-manifest-prop-remote-resource-undeclared-error/EPUB/package.opf
index 805380e1c..90382fdb8 100644
--- a/src/test/resources/epub3/05-package-document/files/package-manifest-prop-remote-resource-undeclared-error/EPUB/package.opf
+++ b/src/test/resources/epub3/05-package-document/files/package-manifest-prop-remote-resource-undeclared-error/EPUB/package.opf
@@ -9,7 +9,7 @@
 <manifest>
   <item id="content_001"  href="content_001.xhtml" media-type="application/xhtml+xml"/>
   <item id="nav"  href="nav.xhtml" media-type="application/xhtml+xml" properties="nav"/>
-  <item id="video" href="http://test.com/lorem.ogg" media-type="video/ogg" />
+  <item id="video" href="https://example.org/lorem.ogg" media-type="video/ogg" />
 </manifest>
 <spine>
   <itemref idref="content_001" />
diff --git a/src/test/resources/epub3/05-package-document/files/package-remote-audio-in-overlays-missing-property-error/EPUB/chapter_001_overlay.smil b/src/test/resources/epub3/05-package-document/files/package-remote-audio-in-overlays-missing-property-error/EPUB/chapter_001_overlay.smil
index 1cd90b9a9..3ede33d51 100644
--- a/src/test/resources/epub3/05-package-document/files/package-remote-audio-in-overlays-missing-property-error/EPUB/chapter_001_overlay.smil
+++ b/src/test/resources/epub3/05-package-document/files/package-remote-audio-in-overlays-missing-property-error/EPUB/chapter_001_overlay.smil
@@ -2,7 +2,7 @@
 	<body>
 		<par id="heading1">
 			<text src="content_001.xhtml#hd01"/>
-			<audio src="http://example.com/audio/c001.mp4" clipBegin="0:00:24.500"/>
+			<audio src="https://example.com/audio/c001.mp4" clipBegin="0:00:24.500"/>
 		</par>
 	</body>
 </smil>
diff --git a/src/test/resources/epub3/05-package-document/files/package-remote-audio-in-overlays-missing-property-error/EPUB/package.opf b/src/test/resources/epub3/05-package-document/files/package-remote-audio-in-overlays-missing-property-error/EPUB/package.opf
index b3ab9270a..51525248d 100644
--- a/src/test/resources/epub3/05-package-document/files/package-remote-audio-in-overlays-missing-property-error/EPUB/package.opf
+++ b/src/test/resources/epub3/05-package-document/files/package-remote-audio-in-overlays-missing-property-error/EPUB/package.opf
@@ -12,7 +12,7 @@
 <manifest>
 	<item id="content_001"  href="content_001.xhtml" media-type="application/xhtml+xml" media-overlay="chapter_001_overlay"/>
 	<item id="chapter_001_overlay" href="chapter_001_overlay.smil" media-type="application/smil+xml"/>
-	<item id="chapter_001_audio" href="http://example.com/audio/c001.mp4" media-type="audio/mp4"/>
+	<item id="chapter_001_audio" href="https://example.com/audio/c001.mp4" media-type="audio/mp4"/>
 	<item id="nav"  href="nav.xhtml" media-type="application/xhtml+xml" properties="nav"/>
 </manifest>
 <spine>
diff --git a/src/test/resources/epub3/05-package-document/files/package-remote-audio-missing-property-error/EPUB/content_001.xhtml b/src/test/resources/epub3/05-package-document/files/package-remote-audio-missing-property-error/EPUB/content_001.xhtml
index 8971bbb77..9076e74e6 100644
--- a/src/test/resources/epub3/05-package-document/files/package-remote-audio-missing-property-error/EPUB/content_001.xhtml
+++ b/src/test/resources/epub3/05-package-document/files/package-remote-audio-missing-property-error/EPUB/content_001.xhtml
@@ -6,6 +6,6 @@
 	</head>
 	<body>
 		<!-- remote http URL -->
-		<audio src="http://example.org/remote.mp4" />
+		<audio src="https://example.org/remote.mp4" />
 	</body>
 </html>
diff --git a/src/test/resources/epub3/05-package-document/files/package-remote-audio-missing-property-error/EPUB/package.opf b/src/test/resources/epub3/05-package-document/files/package-remote-audio-missing-property-error/EPUB/package.opf
index 507046b5b..130b19ac9 100644
--- a/src/test/resources/epub3/05-package-document/files/package-remote-audio-missing-property-error/EPUB/package.opf
+++ b/src/test/resources/epub3/05-package-document/files/package-remote-audio-missing-property-error/EPUB/package.opf
@@ -9,7 +9,7 @@
 <manifest>
   <item id="content_001"  href="content_001.xhtml" media-type="application/xhtml+xml"/>
   <item id="nav"  href="nav.xhtml" media-type="application/xhtml+xml" properties="nav"/>
-  <item id="audio" href="http://example.org/remote.mp4" media-type="audio/mp4"/>
+  <item id="audio" href="https://example.org/remote.mp4" media-type="audio/mp4"/>
 </manifest>
 <spine>
   <itemref idref="content_001" />
diff --git a/src/test/resources/epub3/05-package-document/files/package-remote-audio-sources-undeclared-error/EPUB/content_001.xhtml b/src/test/resources/epub3/05-package-document/files/package-remote-audio-sources-undeclared-error/EPUB/content_001.xhtml
index 468f27d79..4dd89977f 100644
--- a/src/test/resources/epub3/05-package-document/files/package-remote-audio-sources-undeclared-error/EPUB/content_001.xhtml
+++ b/src/test/resources/epub3/05-package-document/files/package-remote-audio-sources-undeclared-error/EPUB/content_001.xhtml
@@ -6,8 +6,8 @@
 	</head>
 	<body>
 		<audio controls="controls">
-			<source src="http://example.com/audio/src-1.mp4" type="audio/mp4"/>
-			<source src="http://example.com/audio/src-2.mp4" type="audio/mp4"/>
+			<source src="https://example.com/audio/src-1.mp4" type="audio/mp4"/>
+			<source src="https://example.com/audio/src-2.mp4" type="audio/mp4"/>
 		</audio>
 	</body>
 </html>
diff --git a/src/test/resources/epub3/05-package-document/files/package-remote-audio-sources-undeclared-error/EPUB/package.opf b/src/test/resources/epub3/05-package-document/files/package-remote-audio-sources-undeclared-error/EPUB/package.opf
index da6e0e1be..486298058 100644
--- a/src/test/resources/epub3/05-package-document/files/package-remote-audio-sources-undeclared-error/EPUB/package.opf
+++ b/src/test/resources/epub3/05-package-document/files/package-remote-audio-sources-undeclared-error/EPUB/package.opf
@@ -9,7 +9,7 @@
 <manifest>
   <item id="content_001"  href="content_001.xhtml" media-type="application/xhtml+xml" properties="remote-resources"/>
   <item id="nav"  href="nav.xhtml" media-type="application/xhtml+xml" properties="nav"/>
-  <item id="audio1" href="http://example.com/audio/src-1.mp4" media-type="audio/mp4" />
+  <item id="audio1" href="https://example.com/audio/src-1.mp4" media-type="audio/mp4" />
   <!--<item id="audio2" href="http://example.com/audio/src-2.mp4" media-type="audio/mp4" />-->
 </manifest>
 <spine>
diff --git a/src/test/resources/epub3/05-package-document/files/package-remote-audio-undeclared-error/EPUB/content_001.xhtml b/src/test/resources/epub3/05-package-document/files/package-remote-audio-undeclared-error/EPUB/content_001.xhtml
index 8971bbb77..9076e74e6 100644
--- a/src/test/resources/epub3/05-package-document/files/package-remote-audio-undeclared-error/EPUB/content_001.xhtml
+++ b/src/test/resources/epub3/05-package-document/files/package-remote-audio-undeclared-error/EPUB/content_001.xhtml
@@ -6,6 +6,6 @@
 	</head>
 	<body>
 		<!-- remote http URL -->
-		<audio src="http://example.org/remote.mp4" />
+		<audio src="https://example.org/remote.mp4" />
 	</body>
 </html>
diff --git a/src/test/resources/epub3/06-content-document/files/content-xhtml-video-poster-media-type-error/EPUB/content_001.xhtml b/src/test/resources/epub3/06-content-document/files/content-xhtml-video-poster-media-type-error/EPUB/content_001.xhtml
index 6eea293e7..9e6af435a 100644
--- a/src/test/resources/epub3/06-content-document/files/content-xhtml-video-poster-media-type-error/EPUB/content_001.xhtml
+++ b/src/test/resources/epub3/06-content-document/files/content-xhtml-video-poster-media-type-error/EPUB/content_001.xhtml
@@ -5,7 +5,7 @@
 		<title>Minimal EPUB</title>
 	</head>
 	<body>
-		<video src="http://test.com/lorem.ogg" width="640" height="360" controls="controls" poster="poster.png">
+		<video src="https://example.org/lorem.ogg" width="640" height="360" controls="controls" poster="poster.png">
 			
 		</video>
 	</body>
diff --git a/src/test/resources/epub3/06-content-document/files/content-xhtml-video-poster-media-type-error/EPUB/package.opf b/src/test/resources/epub3/06-content-document/files/content-xhtml-video-poster-media-type-error/EPUB/package.opf
index 784361d48..ea5a493db 100644
--- a/src/test/resources/epub3/06-content-document/files/content-xhtml-video-poster-media-type-error/EPUB/package.opf
+++ b/src/test/resources/epub3/06-content-document/files/content-xhtml-video-poster-media-type-error/EPUB/package.opf
@@ -10,7 +10,7 @@
   <item id="content_001"  href="content_001.xhtml" media-type="application/xhtml+xml" properties="remote-resources"/>
   <item id="nav"  href="nav.xhtml" media-type="application/xhtml+xml" properties="nav"/>
   <item id="poster" href="poster.png" media-type="text/abc" />
-  <item id="video" href="http://test.com/lorem.ogg" media-type="video/ogg" />
+  <item id="video" href="https://example.org/lorem.ogg" media-type="video/ogg" />
 </manifest>
 <spine>
   <itemref idref="content_001" />