[wp-trac] [WordPress Trac] #44610: Allow Youtube-Player to use youtube-nocookie.com URLS to avoid setting cookies.
WordPress Trac
noreply at wordpress.org
Mon Jul 23 11:38:00 UTC 2018
#44610: Allow Youtube-Player to use youtube-nocookie.com URLS to avoid setting
cookies.
-------------------------------------------------+-------------------------
Reporter: jepperask | Owner: (none)
Type: enhancement | Status: reopened
Priority: normal | Milestone:
Component: Customize | Version: 4.9.7
Severity: normal | Resolution:
Keywords: needs-testing 2nd-opinion needs- | Focuses: privacy
unit-tests has-patch |
-------------------------------------------------+-------------------------
Changes (by birgire):
* focuses: => privacy
Comment:
Welcome to WordPress Core Trac @jepperask
The scope of the ticket seems to be the YouTube url in the ''Header
Media'' of the Customizer.
Here's some info on YouTube's ''Privacy Enhanced Mode'':
{{{
Privacy Enhanced Mode allows you to embed YouTube videos without using
cookies to track viewing
behavior. This means viewing activity isn’t collected to personalize the
viewing experience. Instead,
video recommendations are contextual and related to the currently played
video. Videos playing in a
Privacy Enhanced Mode embedded player won’t influence the viewer's
browsing experience on YouTube.
(The Privacy Enhanced Mode only relates to tracking of viewer behavior,
not ads-serving behavior.
To disable tracking for advertising purposes, you can add yourself to the
Tag for Child-Directed
Treatment page.)
Note:
If the viewer clicks or taps out of the embed and is redirected to another
website or app,
that website or app may track the viewer’s behavior as per that website’s
or app’s policies and terms.
Privacy Enhanced Mode is currently available only for embedded players on
websites. Developers will
have to wrap the Privacy Enhanced Mode player into a web-view instance in
order to use it in apps.
To use Privacy Enhanced Mode, change the domain for the embed URL in your
HTML from
https://www.youtube.com to https://www.youtube-nocookie.com as shown in
the following example:
Before
<iframe width="1440" height="762"
src="https://www.youtube.com/embed/7cjVj1ZyzyE"
frameborder="0" allow="autoplay; encrypted-media"
allowfullscreen></iframe>
After
<iframe width="1440" height="762" src="https://www.youtube-
nocookie.com/embed/7cjVj1ZyzyE"
frameborder="0" allow="autoplay; encrypted-media"
allowfullscreen></iframe>
Since this is a different domain, network administrators also need to add
the domain
youtube-nocookie.com to their firewall whitelist in addition to
youtube.com.
}}}
https://support.google.com/youtube/answer/171780?hl=en
---
This seems to be the supported format:
https://www.youtube-nocookie.com/embed/{ID}
I tested various versions (with browser and curl) that did not work:
- https://youtube-nocookie.com/embed/{ID} results in 404.
- http://www.youtube-nocookie.com/embed/{ID} redirects to https.
- https://www.youtube-nocookie.com/watch/?v={ID} results in 404.
- https://youtube-nocookie.com/watch/?v={ID} results in "curl: (51)
Unable to communicate securely with peer: requested domain name does not
match the server's certificate."
- https://www.youtube-nocookie.com/v/{ID} results in the browser wanting
to download a SWF file!
---
If supporting the Privacy Enhanced Mode is the way to go, should the:
https://www.youtube-nocookie.com/embed/{ID}
be the only supported format for the youtube-nocookie.com urls ?
--
Ticket URL: <https://core.trac.wordpress.org/ticket/44610#comment:7>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list