Failed to execute 'postMessage' on 'DOMWindow': target/origin mismatch http vs https

target postmessage ytplayer
wuliwong picture wuliwong · Jan 11, 2015 · Viewed 38.9k times · Source

I apologize up front as I'm very confused by my problem. I'm really in a bind because this is causing a problem on my production site.

I have a javascript player on my site which plays through song lists which can be hosted on youtube, soundcloud or vimeo. Yesterday I noticed this error which generally arises anytime you try to load a new song through "skipping" with the player buttons. This error just started in the last day or two. I am not seeing anything new in the youtube api release notes and this error occurs using Chrome, Firefox and Safari, so it is most likely not related to a change in the browser. Something that I am using has changed though, as I have not pushed new code in 18 days.

An example playlist is here: http://www.muusical.com/playlists/programming-music

I think I have isolated the way to reproduce the error, here are the steps:

  1. Play a youtube hosted song.
  2. Skip to any other song in the list (whether by pressing the skip buttons or directly pressing the play button on the song's row item).

*Note, that if the first song in the playlist is a youtube song, simply skipping to another song even without playing the initially loaded youtube song will produce the error.

Essentially, the error seems to occur once you have loaded and/or played a youtube song and attempt to skip to another song.

Let me know if you find an exception to this behavior.

I see this error in the console:

Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.muusical.com') does not match the recipient window's origin ('http://www.muusical.com').

I load the player with using the youtube javascript api:

new YT.Player('playlist-player', {
      playerVars: { 'autoplay': 1, 'fs': 0 },
      videoId: "gJ6APKIjFQY",
      events: {
        'onReady': @initPlayerControls,
        'onStateChange': @onPlayerStateChange
      }
    })

Which produces this iframe:

<iframe id="playlist-player" frameborder="0" allowfullscreen="1" title="YouTube video player" width="640" height="360" src="https://www.youtube.com/embed/gJ6APKIjFQY?autoplay=1&amp;enablejsapi=1&amp;origin=http%3A%2F%2Fwww.muusical.com"></iframe>

After hitting skip from the above youtube song, this is what I see loaded in the iframe:

<iframe id="playlist-player" frameborder="0" allowfullscreen="1" title="YouTube video player" width="640" height="360" src=""></iframe>

I support youtube, soundcloud and vimeo songs. It seems like once a youtube song is loaded the "origin" changes from http to https. I don't think it is necessary to include the embedding methods for the other hosts as this error occurs even if the entire playlist is only youtube and it does not occur in a playlist which consists of only songs from soundcloud and vimeo.

Also, this is how I am loading the youtube javascript:

// Load the IFrame Player API code asynchronously.
  var tag = document.createElement('script');
  tag.src = "https://www.youtube.com/player_api";
  var firstScriptTag = document.getElementsByTagName('script')[0];
  firstScriptTag.parentNode.insertBefore(tag, firstScriptTag);

Please let me know if you need me to clarify anything and thanks in advance for taking a look.

Answer

sodawillow picture sodawillow · Jan 12, 2015

I have read a bit about this, some SO posts here and there and this link too : https://code.google.com/p/gdata-issues/issues/detail?id=5788

I was about to add a comment to your question, saying I was getting crazy over this ... but when I started to describe my setup, I found a way to avoid the issue ^^.

I start with an empty div element, and use the Youtube Iframe API to turn it into an iframe with all the necessary options.

I have multiple divs like this one, and usually use the same JS variable to store all those players, but one at a time (one replaces the other, and so on ... - it could be better, I know).

To fix the issue, I had the idea to destroy the player with youtubePlayer.destroy(); before building a new one from another element. No more JS errors bleeding in my Chrome console :).

Hope it helps, all the litterature I could read about http and https did not apply to my case, because I am not setting the iframe URL myself, and my website happens to be not https ...

I did restore an async call instead of a static script tag in my HTML but I do not think this was necessary.

EDIT : this error message is quite misleading in fact, it only vaguely means : you are not using the youtube API the proper way :)

Related questions

Can I create links with 'target="_blank"' in Markdown?

Is there a way to create a link in Markdown that opens in a new window? If not, what syntax do you recommend to do this. I'll add it to the markdown compiler I use. I think it should be …

Read More
jQuery: go to URL with target="_blank"

I am using this bit of jQuery code to get href of the link: var url = $(this).attr('href'); -- and this bit of code to go to that href: window.location = url; Everything is just the way I want …

Read More
How to set child process' environment variable in Makefile

I would like to change this Makefile: SHELL := /bin/bash PATH := node_modules/.bin:$(PATH) boot: @supervisor \ --harmony \ --watch etc,lib \ --extensions js,json \ --no-restart-on error \ lib test: NODE_ENV=test mocha \ --harmony \ --reporter spec \ test clean: @rm -rf node_…

Read More