Menu
I am embedding a Youtube video on my website like so:
<iframe class="frame-for-top" width="300" height="200" src="https://www.youtube.com/embed/nb9GMm7QtlM" frameborder="0" allowfullscreen></iframe>
Now when I open up my console I get an error message for all of my embedded youtube videos that says:
:1 Uncaught SecurityError: Blocked a frame with origin "https://www.youtube.com" from accessing a frame with origin "http://mywebsite.com". The frame requesting access has a protocol of "https", the frame being accessed has a protocol of "http". Protocols must match.
I tried changing the "src" in the iframe to http instead of https seems to work but I don't know if that's ok to do. Any feedback?
UPDATE:
still getting the errors even in the JS fiddle;
692
You need to add an origin parameter to your src url and then you can use http protocol in your iframe:
As an extra security measure, you should also include the origin parameter to the URL, specifying the URL scheme (http:// or https://) and full domain of your host page as the parameter value. While origin is optional, including it protects against malicious third-party JavaScript being injected into your page and hijacking control of your YouTube player.
Example:
<iframe id="player" type="text/html" width="640" height="390"
src="http://www.youtube.com/watch?v=nb9GMm7QtlM?origin=http://mywebsite.com"
frameborder="0"></iframe>
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
