问题描述
- 现在使用iframe完成YouTube嵌入。
- HTML5引入了属性,不仅应该影响演示,还要与主机集成页面更紧。 (应该不宣布将读者作为单独的文档进行筛选。)
- HTML5引入了属性,用于限制iframe,从而提高安全性。
- YouTube embedding is done using iframes nowadays.
- HTML5 introduces the seamless attribute, that not only should affect presentation, but make the integration with the host page tighter. (It should not be announced to screen readers as a separate document.)
- HTML5 introduces the sandbox attribute, that restricts the iframe and thus improves security.
在这两个属性的浏览器支持完成的世界中,当嵌入YouTube时,它们是否会对页面产生不利影响或以任何方式对页面产生负面影响视频? (是的,问题的后半部分主要是关于无缝。)
In a world where browser support for these 2 attributes is complete, will they benefit or in any way adversely affect the page, when embedding YouTube videos? (Yes, the last half of the question is primarily about seamless.)
我正在考虑建议我的学生始终使用这两个属性对于YouTube视频,并在浏览器支持可用时自动受益。
I am thinking about recommending my students to always use these 2 attributes for YouTube videos and benefit automatically as browser support becomes available.
推荐答案
我将专注于讨论 sandbox
属性。
要在沙盒中播放YouTube视频,您需要执行以下操作:
To play YouTube videos in a sandbox you need to do the following:
- 添加
sandbox =allow-scripts allow-same-origin
- 添加
?html5 = 1
到视频网址
- Add
sandbox="allow-scripts allow-same-origin"
- Add
?html5=1
to the video URL
#1的问题是Flash将无法加载;是否需要Flash取决于一些内容,例如最终用户的浏览器,他们的YouTube设置或视频根本无法用作HTML5视频(这会因为#2而恶化)。
A problem with #1 is that Flash will not be loaded; whether Flash is required depends on a few things, such as the end-user's browser, their YouTube settings or when a video is simply not available as an HTML5 video (this is worsened by #2).
#1的另一个(更严重的)问题是 allow-scripts
和的组合allow-same-origin
有效地消除了您原本享有的任何安全利益。
Another (more serious) problem with #1 is that the combination of allow-scripts
and allow-same-origin
effectively removes any security benefit you would have otherwise enjoyed.
结论
忘记使用沙箱
属性进行YouTube视频嵌入。
Forget about using the sandbox
attribute for YouTube video embedding.
进一步阅读
- HTML5 Sandbox and some notes
- Error playing embedded youtube video in a sandboxed iframe
这篇关于使用YouTube iframe的无缝和/或沙盒属性有什么意义吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!