diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/URIFilter/SafeIframe.php b/htdocs/vendor/ezyang/htmlpurifier/library/HTMLPurifier/URIFilter/SafeIframe.php
index f609c47a34..700e13f554 100644
--- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/URIFilter/SafeIframe.php
+++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/URIFilter/SafeIframe.php
@@ -60,8 +60,18 @@ class HTMLPurifier_URIFilter_SafeIframe extends HTMLPurifier_URIFilter
         if ($this->regexp === null) {
             return false;
         }
-        // actually check the whitelists
-        return preg_match($this->regexp, $uri->toString());
+        // actually check the whitelists (Mahara customisation)
+        if (!preg_match($this->regexp, $uri->toString())) {
+            return false;
+        }
+
+        // Make sure that if we're an HTTPS site, the iframe is also HTTPS
+        if (is_https() && $uri->scheme == 'http') {
+            // Convert it to a protocol-relative URL
+            $uri->scheme = null;
+        }
+
+        return $uri;
     }
 }