Youtube Iframe on HTTPS website

Question

I included an iframe pointing to a youtube video on a website using https. Although I embedded the youtube video with \"https://\", the video loads http-files when I click on pl

Answer 1

Add a origin parameter to your URL as explained from the Google api documentation: YouTube Player API Reference for iframe Embeds

As an extra security measure, you should also include the origin parameter to the URL, specifying the URL scheme (http:// or https://) and full domain of your host page as the parameter value. While origin is optional, including it protects against malicious third-party JavaScript being injected into your page and hijacking control of your YouTube player.