When I embed a video with video_filter and html5 fallback (using iframe), I always have an error like this :

Unsafe JavaScript attempt to access frame with URL http://www.mysite.com/ from frame with URL http://player.vimeo.com/video/[VIDEO-ID]. Domains, protocols and ports must match.

It seems that iframe with other domain that the current domain trigger this warning message. It's not a real problem because the page loading successfully, without other javascript error.
After some tests, avoid this message is possible by create a callback to retrieve content instead of calling directly remote url :

Not very advanced, but a way to start :

video_filter.module :

In video_filter_menu :

['video_filter/video/%'] = array(
'title' => 'Get video',
'description' => 'Get video locally',
'page callback' => 'video_filter_get_video',
'page arguments' => array( 2 ),
'access arguments' => array('access content'),

The callback (only for vimeo... it's tests, not full implementation) :

function video_filter_get_video( $video_id ) {
$url = 'http://player.vimeo.com/video/' . $video_id;
$contents = file_get_contents($url);

And finally, modifications to the vimeo callback (video_filter.codecs.inc) :

function video_filter_vimeo_html5($video) {
$html = '<iframe src="/video_filter/video/'.$video['codec']['matches'][1].($video['autoplay'] ? '?autoplay=1' : '').'" width="'.$video['width'].'" height="'.$video['height'].'" frameborder="0"></iframe>';
//$html = '<iframe src="http://player.vimeo.com/video/'.$video['codec']['matches'][1].($video['autoplay'] ? '?autoplay=1' : '').'" width="'.$video['width'].'" height="'.$video['height'].'" frameborder="0"></iframe>';

return $html;

In some words, I call the callback from the iframe to retrieve the remote content and simply echo it, and javascript warning msg disappears.

What do you think about ? Any possibility to add this kind of implementation into the module to avoid JS warnings ?

Thanks in advance for your answer.


blacklabel_tom’s picture


You may have found this on your own but:


Its only a problem for webkit browsers and if its not causing a slowdown its nothing to worry about.