Gutenberg: Allow embedding GDPR-compatible YouTube-NoCookie.com videos

Good suggestion! Can you share an example YouTube URL?

Here's the URL of the official video for WordPress 5.0: https://www.youtube-nocookie.com/embed/72xdCU__XCk

This is the embed code YouTube gives you when selecting the "enable privacy-enhanced mode":

<iframe width="560" height="315" src="https://www.youtube-nocookie.com/embed/72xdCU__XCk" frameborder="0" allow="accelerometer; autoplay; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>

Should be as easy as updating the list of oEmbed providers in core. I don‘t think any action in Gutenberg is needed, a Trac ticket is fine.

We have to add the URL to the patterns, when it's in oEmbed providers list: https://github.com/WordPress/gutenberg/blob/master/packages/block-library/src/embed/core-embeds.js#L46

Existing core ticket: https://core.trac.wordpress.org/ticket/44610

Needs a proper patch, if anyone's up for it.

Tested the modifications suggested in this ticket but it did not seem to work (can not update the post, so i guess there might be some further validation behind the scenes and the youtube-nocookie.com domain just can not pass that. Otherwise i think the proposed code change for the oembed feature should be fine). Please try to allocate some resources as this topic is really important: right now by embedding youtube content in GB the yt cookies are setup immediately even if the user does not play the video. By the time the user could read the cookie rules or act anything, those cookies with personal data (consider GPS cookie) are already sent... this is clearly violating GDPR.

Here is some progress. By altering line 47 of packages/block-library/src/embed/core-embed.js like that while npm run build is running:

patterns: [ /^https?:\/\/((m|www)\.)?youtube(-nocookie)?\.com\/.+/i, /^https?:\/\/youtu\.be\/.+/i ],

will update some files and as a result GB begins to accept youtube-nocookie video links, the poster shows up, one can even save the post. The video also shows up in the frontend... however in the frontend the iframe still has the regular youtube domain, not that with -nocookie.
So it seems there is something happening outside GB and the oembed process just replaces youtube-nocookie.com to youtube.com.

IMO a better implementation than having to insert the nocookie URL would be to give the user a checkbox in the block settings to "Enable privacy-enhanced mode." This is the same approach as YouTube offers itself in its own embed options.

Just my 2 cents, but privacy-enhanced mode should be the default. Privacy should be opt-out, not opt-in. That is the spirit of all recent regulations both in the EU and US

i am still having the same issue with displaying nocookie youtube urls.
Any news and update?

thanks

Until this is added to the oEmbed URL pattern into core, you can use the Share embed code and paste it into the CustomHTML block, though. This works in all Gutenberg version.

Closing in favor of the core ticket.

I do not understand how 2 years later there ist still no solution made by Wordpress. Wordpress is not working regarding the law.

@kohlfuerst This ticket is closed. The Core ticket is here: Please follow the discussion there and add your comments.