Referrer Policy and Wistia's Domain Restrictions
Learn about which referrer policies are compatible with Wistia's Domain Restrictions feature
How Domain Restrictions work
Domain Restrictions is a security feature for restricting where your videos can be embedded. This works by doing a check every time embeds are loaded on a webpage, comparing the domain of the parent webpage to the list of approved domains managed in your account settings. If the domain isn't recognized, no video files or player will be rendered on the page, instead showing a "Video not authorized to be embedded here" message.
This feature depends on the Wistia player being able to identify the parent document's referer
value on load, and check that against the list of approved domains. If the referer
is hidden altogether from the Wistia player, it cannot verify an approved domain and the video player will not load. The Wistia player needs access to the origin URL, i.e. the domain or sub-domain of the webpage with the embedded video.
Managing your domain restrictions allow-listAccount owners can manage the list of approved domains on the Account Settings page.
Configuring referrer policy for Domain Restrictions
Certain referrer-policy
values can restrict the Wistia player's ability to perform the domain restrictions check on page load, in which case the videos may fail to load even if you have the correct URLs allow-listed in the account settings.
This is fixable by setting one of the supported policies below.
βοΈ Referrer policies compatible with Domain Restrictions
no-referrer-when-downgrade
origin
origin-when-cross-origin
strict-origin
strict-origin-when-cross-origin
unsafe-url
β Referrer policies NOT compatible with Domain Restrictions
no-referrer
same-origin
Learn more about Domain Restrictions
See the full how-to guide on Domain Restrictions in the Wistia Help Center .
Updated 24 days ago