I have issue to embed Youtube video
2 curtidas
What is the issue you have ?
1 curtida
Any solution for this issue, Are there any settings should be directly related to this
Does it occur in safe mode? Are there any browser errors? Thanks.
I tried everything and nothing is working
all the Youtube videos not working in my website and giving me this error
@hameedacpa, you’ve not… To demonstrate, this appears to have been solved elsewhere:
Have you already tried any online solutions?
1 curtida
I don’t think it is relevant for the my case
1 curtida
@hameedacpa, why? It’s the same error code.
Unfortunately I tried the solution recommended but it is not working, I believe it is something internally
1 curtida
Not sure if this is related, but I see an awful lot of cookies being blocked.
Also, no errors in the console and still happens in safe mode…
@hameedacpa What about adding https://youtube.com/ to the allowed_iframes setting? Not sure if that’ll help though.
1 curtida
Hopefully this helps +1 the OP’s complaint. Without any changes (I’m on stable branch), I also have the same error even when you click play on an existing video that used to work:
I’ve tried, via mobile, bypassing office firewall, disabling Cloudflare. No fix yet.
Testing here is mixed with error in the editor but displays in the forum:
Update:
YouTube recently tightened its policies so that new embed codes now include referrerpolicy=“strict-origin-when-cross-origin” along with updated allow attributes. I found this article:
Without these, YouTube rejects configuration requests from the iframe and you see Error 153.
Also see:
3 curtidas
I was able to fix this with Cloudflare until it’s officially patched.
For anyone running into the same issue, the cause is that YouTube now rejects embed requests missing a valid referrer policy header.
I added a Referrer-Policy header through Cloudflare’s Transform Rules (no Workers needed).
Here’s what I did:
-
In Cloudflare, go to Rules → Transform Rules → HTTP Response Header Modification.
-
Create a new rule, choose All incoming requests, and add a static header:
Header name: Referrer-Policy Value: strict-origin-when-cross-origin -
Deploy the rule.
Will remove this once patched.
2 curtidas
thank you very much for all of you
I found the issue was in the following change that should be done in vhost file
the following coming from ChatGPT
1 curtida
hm 
It is my understanding that the way Discourse works is that the Nginx change you just made inside that container will be wiped out on the very next ./launcher rebuild app or via UI upgrade.
If you want that change to persist, you shouldn’t edit inside the running Discourse container. But instead, make the change in /var/discourse/containers/app.yml so it persists across rebuilds and updates.
Once added, you can rebuild:
./launcher rebuild app
Not everyone uses Cloudflare, but that’s why I went with Cloudflare for this fix. Didn’t have to rebuild and just a temp workaround.
Since security headers work so that the last one received is what the browser honors, works.
It was just the quickest and least intrusive way to get things working. But if you’re doing it inside the container, just keep in mind you’ll have to redo it every time you rebuild or update Discourse. 
2 curtidas
I am using CloudPanel with Vhost and I modified the previous solution based on the recommendation of ChatGPT as follow:
1 curtida
We had the same problem months ago but for just 3 users. Our host guy was away and noone had access to host settings and we came up with this:
Edit theme and add this to “head”
<meta name="referrer" content="strict-origin-when-cross-origin">
4 curtidas
Your solution works with this metatag