Knowledge base/Feature Requests
Provide off-domain iframe
Mathias Panzenböck
suggested this on February 14, 2011 21:13
If would be nice if embed.ly itself would provide the off-domain iframe if one adds the additional parameter iframe=true. Such an iframe would then e.g. be hosted as: http://sandbox.embed.ly/iframe?url=http://panzi.deviantart.com/art/... (or maybe even a completely different domain name). The returned oembed JSON using the iframe paramter would then look something like:
{ "version": "1.0", ..., "html": "<iframe src=\"http://sandbox.embed.ly/iframe?url=http://panzi.deviantart.com/art/...\" width=\"587\" height=\"618\"></iframe>" }
If the oembed does not contain any data that could possibly do any harm (no object, embed, javascript etc. tags, on*-event handler or javascript:-links), it should still return the old code.
It would be nice if you would provide such a feature. Its understandable if you don't want to, though (bandwidth etc.).
Comments
I agree. The warnings in the oEmbed spec are pretty clear that we should be loading video and rich resource type in an off domain iframe.
It would be helpful if there were just some pointers about how one might accomplish this.
We are working on an iframe support, have been testing it for a few weeks. Please put in a ticket or request into this system if you are interested using it.
We have a version of iframe support that is in Beta. If you would like to try it out please send an email to support@embed.ly and we will set it up for you.