LonelyCpp / react-native-youtube-iframe

A wrapper of the Youtube-iframe API built for react native.
https://lonelycpp.github.io/react-native-youtube-iframe/
MIT License
612 stars 155 forks source link

Potential Violation of YouTube Developer Policies in Mobile Implementation #341

Open yininge opened 4 months ago

yininge commented 4 months ago

After reviewing the YouTube Developer Policies, I believe that using this package on mobile devices may violate the guidelines stated in the section "Your API service must reflect a user’s standard experience on YouTube." Specifically, the policy mentions:

Don’t use YouTube’s API to...

Restrict YouTube’s ability to verify from where the playback occurs. Example: In the case of mobile applications using a WebView to host the YouTube IFrame SDK web player, failing to accurately represent the name of your application (e.g. com.company.appname) accurately as HTTP Referer header.

From the project documentation, it appears that this package uses a WebView to host the YouTube IFrame web player. This implementation might fail to accurately represent the name of the application as the HTTP Referer header, potentially violating YouTube's policies.

Steps to Reproduce:

  1. Use the package in a mobile application.
  2. Monitor the HTTP headers during playback.

Concern:

If the HTTP Referer header does not accurately represent the name of the application (e.g., com.company.appname), this could be a policy violation.

Recommendation:

Please reconsider the use of this package if you have concerns about potential violations. It might be necessary to update the implementation to ensure compliance with YouTube’s Developer Policies, particularly in how the application name is represented in the HTTP Referer header.

Screenshot 2024-07-05 at 3 21 22 PM