Is there any point in using the seamless and or sandbox attribute for YouTube iframes?

Question

Update: This question is no longer valid. See comment below.

1. YouTube embedding is done using iframes nowadays.
2. HTML5 introduces the seamless attribute, that not only should affect presentation, but make the integration with the host page tighter. (It should not be announced to screen readers as a separate document.)
3. HTML5 introduces the sandbox attribute, that restricts the iframe and thus improves security.

In a world where browser support for these 2 attributes is complete, will they benefit or in any way adversely affect the page, when embedding YouTube videos? (Yes, the last half of the question is primarily about seamless.)

I am thinking about recommending my students to always use these 2 attributes for YouTube videos and benefit automatically as browser support becomes available.

Answer 1

I'll focus on just discussing the sandbox attribute.

To play YouTube videos in a sandbox you need to do the following:

1. Add sandbox="allow-scripts allow-same-origin"
2. Add ?html5=1 to the video URL

A problem with #1 is that Flash will not be loaded; whether Flash is required depends on a few things, such as the end-user's browser, their YouTube settings or when a video is simply not available as an HTML5 video (this is worsened by #2).

Another (more serious) problem with #1 is that the combination of allow-scripts and allow-same-origin effectively removes any security benefit you would have otherwise enjoyed.

Conclusion

Forget about using the sandbox attribute for YouTube video embedding.

Further reading

• HTML5 Sandbox and some notes
• Error playing embedded youtube video in a sandboxed iframe

Answer 2

No, fullscreen does not seem to work with both attributes enabled, if you are in the HTML5 beta check an example here: http://bcmoney-mobiletv.com/view/2133/monty-python-tax-sketch/

However, when I leave the HTML5 beta program it plays back in the standard YouTube Flash player, which ignores those iFrame attributes completely.

So, it really depends what your goals are. If you want added security and an experience that feels more like an in-page web video that is controlled by your page, go ahead and use those attributes, however, if you want to give the user a full range of controls and options, leave off sandbox and/or seamless.