Hi,
I'm currently trying to add a new Mycode to my forums for Soundcloud embedding. Everytime I try and add the code including 'iframe' and then save it such as:
<iframe width="100%" height="166" scrolling="no" frameborder="no" src="https://w.soundcloud.com/player/?url=$1"></iframe>
I get the error page below:
''Forbidden
You do not have permission to access this document.''
I'm running:
[mybb 1.8.7] and [php 5.4.4.5]
any ideas why I'm getting this error, could it be a problem with the host? the Mycode saves fine if its the older flash replacement code, but I understand Soundcloud no-longer support flash and now use HTML5, hence why I need to use the iframe code.
Any ideas please?
thankyou.
iframe would need HTML enabled in editor. Did you check ?
It's likely mod_security or something detecting it as an attack. You need to contact your host.
That's right, contact your host, that's a false alarm in your hosting
I can confirm I've resolved this issue now, it was infact Mod_security, a HTML filter blocking it, so thankyou very much for suggesting that.
On a similar topic:
in HTML5 iframes had a
sandbox attribute added to try and further security, since any flash file or feed can potentially be exploited X-Script.
While technically Mybb 1.8.# isn't HTML5, browsers are forgiving enough to allow you use snippets to hybrid.
Below is a breakdown of what I've done, hopefully it will be helpful to someone else.
I added to the
css3.css in themes:
.maxvidsize{
width:85%;
}
.video-container {
position: relative;
padding-bottom: 56.25%; /* 16:9 */
padding-top: 25px;
height: 0;
}
.video-container iframe,
.video-container object,
.video-container embed {
position: absolute;
top: 0;
left: 0;
width: 100%;
height: 100%;
}
I changed out the video_youtube_embed template to:
<div class="maxvidsize">
<div class="video-container">
<iframe width="560" height="315" src="https://www.youtube.com/embed/{$id}" frameborder="0" allowfullscreen sandbox="allow-same-origin allow-scripts"></iframe>
</div>
</div>
<a href="https://www.youtube.com/watch?v={$id}" target="_blank" title="External Link to youtube video"><i class="fa fa-fw fa-external-link"></i> https://www.youtube.com/watch?v={$id}</a>
This set's up the youtube video's to be in a sandbox (further security tightening is possible, so feel free to experiment)
It's suppose to maintain ratio while scaling (for mobile platforms) but I wasn't able to test it fully.
It also automatically places a link at the bottom of the video. This is actually necessary as if you are using a browser with security settings rigged to reduce tracking, video's won't actually show unless you follow the link directly (Iframes are blocked).
(You might notice with the link I was also using Fontawesome. If you aren't using that, then just remove the < i> tag.)
With a bit of editing it should be easy enough to convert it to other video sites.