Nuxt•3mo ago

Set Up Nuxt Security to allow Youtube iframe Embeds

I'm hitting a wall trying to get Nuxt security to accept iframes from Youtube. Here's my current set up:

security: {
    headers: {
      contentSecurityPolicy: {
        'img-src': ["'self'", 'data:', 'https:'],
        'script-src-attr': ["'self'", "'unsafe-inline'"],
        'connect-src':
          process.env.NODE_ENV === 'development'
            ? ["'self'", 'https:', 'ws:']
            : ["'self'", 'https:'],
        'frame-src': [
          'https://www.youtube-nocookie.com',
          'https://stackblitz.com',
        ],
      },
      permissionsPolicy: {
        'picture-in-picture': ["'self'", 'https://www.youtube-nocookie.com'],
        fullscreen: ["'self'", 'https://www.youtube-nocookie.com'],
      },
      crossOriginEmbedderPolicy: 'unsafe-none',
    },
    ssg: {
      hashStyles: false,
    },
  },

0 Replies

No replies yetBe the first to reply to this messageJoin

Gaming

Programming

Set Up Nuxt Security to allow Youtube iframe Embeds