Allowing iframes with protocol independent URLs

I’m trying to get’s podcast player to render in an embedded iFrame on our Discourse instance.

YouTube’s iFrames now render fine in an embedded iFrame. Here’s how I configured it:

And yet here is the result:

Any idea what I’m doing wrong with the allowed iframe list URL syntax? I tried regular expressions and couldn’t get those to work either.

You’re using the scheme-independent pseudo-URL in the iframe src, but that isn’t one of the valid source domain prefixes you’ve listed.


Wow - I had no idea the scheme-independent pseudo-URL was a valid input for the whitelist, but it worked. Thanks, @mpalmer!