Youtube Iframe on HTTPS website

后端未结

关注

 1  1973

I included an iframe pointing to a youtube video on a website using https. Although I embedded the youtube video with \"https://\", the video loads http-files when I click on pl

相关标签:

1条回答

闹比i

2021-02-15 17:35
Add a origin parameter to your URL as explained from the Google api documentation: YouTube Player API Reference for iframe Embeds

As an extra security measure, you should also include the origin parameter to the URL, specifying the URL scheme (http:// or https://) and full domain of your host page as the parameter value. While origin is optional, including it protects against malicious third-party JavaScript being injected into your page and hijacking control of your YouTube player.
```
 <iframe id="player" type="text/html" width="640" height="390"
  src="http://www.youtube.com/embed/u1zgFlCw8Aw?enablejsapi=1&origin=http://example.com"
  frameborder="0"></iframe>
```
0 讨论(0)
发布评论:

提交评论
- 加载中...