The Apache-global default Content-Security-Policy has frame-src 'self', which forbids loading YouTube in a frame. However, when project correctly use opt-in, they are allowed to override this restriction using .htaccess. Show how that's done (and fix the demos).
I also changed the video to something that actually moves in the first second after hitting 'play', to avoid confusion :).
Fixes #32 (though it would still be nice to also document this, not only do it ;) )
The Apache-global default
Content-Security-Policyhasframe-src 'self', which forbids loading YouTube in a frame. However, when project correctly use opt-in, they are allowed to override this restriction using.htaccess. Show how that's done (and fix the demos).I also changed the video to something that actually moves in the first second after hitting 'play', to avoid confusion :).
Fixes #32 (though it would still be nice to also document this, not only do it ;) )
Tested in a local Apache httpd