When I embed a video with video_filter and html5 fallback (using iframe), I always have an error like this :

Unsafe JavaScript attempt to access frame with URL http://www.mysite.com/ from frame with URL http://player.vimeo.com/video/[VIDEO-ID]. Domains, protocols and ports must match.

It seems that iframe with other domain that the current domain trigger this warning message. It's not a real problem because the page loading successfully, without other javascript error.
After some tests, avoid this message is possible by create a callback to retrieve content instead of calling directly remote url :

Not very advanced, but a way to start :

video_filter.module :

In video_filter_menu :

  $items['video_filter/video/%'] = array(
    'title' => 'Get video',
    'description' => 'Get video locally',
    'page callback' => 'video_filter_get_video',
    'page arguments' => array( 2 ),
    'access arguments' => array('access content'),
  	'type' => MENU_CALLBACK

The callback (only for vimeo... it's tests, not full implementation) :

function video_filter_get_video( $video_id ) {
  $url = 'http://player.vimeo.com/video/' . $video_id;
  $contents = file_get_contents($url);
  echo $contents;

And finally, modifications to the vimeo callback (video_filter.codecs.inc) :

function video_filter_vimeo_html5($video) {
  $html = '';
  //$html = '';

  return $html;

In some words, I call the callback from the iframe to retrieve the remote content and simply echo it, and javascript warning msg disappears.

What do you think about ? Any possibility to add this kind of implementation into the module to avoid JS warnings ?

Thanks in advance for your answer.


blacklabel_tom’s picture


You may have found this on your own but:


Its only a problem for webkit browsers and if its not causing a slowdown its nothing to worry about.



minnur’s picture

Status: Active » Closed (works as designed)