Unsafe JavaScript attempt to access frame with URL

mickyginger · May 26, 2012, 11:48am

I’m embedding a youtube vid into a webpage using jQuery. Why? Because I want valid HTML markup.

So here’s what I’m doing:


$(document).ready(function(){
  var youtube = $('#youtube a').attr('href').match(/http:\\/\\/youtu.be\\/(.+)/)[1];
  $('#youtube').append('<iframe width="560" height="315" src="http://www.youtube.com/embed/' + youtube + '" frameborder="0" allowfullscreen></iframe>');
});

The HTML markup is as follows:


<div id="youtube">
  <a href="http://youtu.be/dr0tCny046Q">New Video - Not Tonight</a>
</div>

And I’m getting the following error message:
Unsafe JavaScript attempt to access frame with URL http://www.heycarrianne.co.uk/ from frame with URL http://www.youtube.com/embed/dr0tCny046Q. Domains, protocols and ports must match.

What gives? Don’t really understand why this is unsafe. Not sure what to do about it.

Cheers,
Mike

chris_upjohn · May 26, 2012, 12:37pm

If your using Google Chrome this warning will always appears as iframes are a security risk due to JavaScript injection attacks that can occur from within them. If you are however using trusted sources then this warning isn’t something to really about unless your concerned about it, if you do get concerned with it you can always use the YouTube API which i believe is 100% secure.

mickyginger · May 28, 2012, 10:42am

Thanks Chris, I’ll look into it.