CodeDevMLH/jellyfin-plugin-media-bar-enhanced
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 24 Wiki Activity

Add YouTube no-cookie host and referrer policy for iframe security

Browse Source
This commit is contained in:
CodeDevMLH
2026-03-05 02:00:54 +01:00
parent 142063ce63
commit 1d334e4d95
1 changed files with 15 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
Jellyfin.Plugin.MediaBarEnhanced/Web/mediaBarEnhanced.js
View File

@@ -744,6 +744,7 @@ const SlideUtils = {
height: '100%',
width: '100%',
videoId: videoId,
host: 'https://www.youtube-nocookie.com',
playerVars: {
autoplay: 1,
controls: 1,
@@ -751,8 +752,15 @@ const SlideUtils = {
rel: 0,
playsinline: 1,
origin: window.location.origin,
widget_referrer: window.location.href,
enablejsapi: 1
},
events: {
'onReady': (event) => {
const iframe = event.target.getIframe();
if (iframe) {
iframe.setAttribute('referrerpolicy', 'strict-origin-when-cross-origin');
}
}
}
});
});
@@ -1751,7 +1759,6 @@ const SlideCreator = {
loop: 0,
playsinline: 1,
origin: window.location.origin,
widget_referrer: window.location.href,
enablejsapi: 1
};
@@ -1784,9 +1791,15 @@ const SlideCreator = {
height: '100%',
width: '100%',
videoId: videoId,
host: 'https://www.youtube-nocookie.com',
playerVars: playerVars,
events: {
'onReady': (event) => {
const iframe = event.target.getIframe();
if (iframe) {
iframe.setAttribute('referrerpolicy', 'strict-origin-when-cross-origin');
}
// Store start/end time and videoId for later use
event.target._startTime = playerVars.start || 0;
event.target._endTime = playerVars.end || undefined;