Referrer issues re Vimeo domain-level privacy settings


(Ian Sinclair) #1

Can anyone think of a RW plugin that might be blocking referral data?

I’m having trouble getting my vimeo embeds to play on my site when I use Vimeo’s domain-level privacy settings.
The latest from vimeo support points out that domain-level privacy depends on the referrer.
The possible problems could be

• meta tag referrer set to “no-referrer” or “origin-when-crossorigin”

  • This does not seem to be the case. The only referrer tag I have found is content=“same-origin”

• IP address in privacy setting (N/A)

• Page hosted on different domain from the one listed in the address bar (I’m not sure how that would happen)

• embedded player contained within an iframe or referrer-blocking element. (That is not the case)

• a third-party plugin that purposefully blocks referral data sent from the site.

So, can anyone think of a RW plugin that might be blocking referral data?

The site in question is SinclairMartialArts.com

Specifically: https://sinclairmartialarts.com/sinclair-martial-arts-blog/


(Doug Bennett) #2

It might be easier to get help if you provide a URL to the site.


(Ian Sinclair) #3

Thanks. I have edited my post.


(Doug Bennett) #4

Are you sure the Vimeo’s domain-level privacy is set up correctly?
With a quick look, I don’t see anything jumping out.

I would double-check the Vimeo settings
Then if they look OK I would try a simple page with nothing on it but the Vimeo Video.


(Mathew Mitchell) #5

This is your video on Vimeo?

Does embedding work if you let everyone see it and turn off domain-level privacy?

I have a Vimeo Plus account, but never use domain-level privacy, so I may not be able to help much. But the 2 questions above are still possibly relevant.


(Ian Sinclair) #6

Yes, the settings are correct. I have also tried it on several different types of pages.


(Ian Sinclair) #7

The embedding works if I turn off domain-level privacy.


(Mathew Mitchell) #8

Okay, I just tested with a video of my own and all works fine.

How are you embedding? Putting the relevant code into an HTML stack? Something else?

How did you define the domain. On my first try I included https:// and that didn’t work. So I put in the general domain without the beginning part (https://).


(Ian Sinclair) #9

Vimeo truncates the domain when you enter it. So, you can enter https://—.com and http://—.com, www.—.com, —.com, and —.com/a-page, and Vimeo will only allow —.com.


(Mathew Mitchell) #10

That wasn’t my experience at all. Your domain name at Vimeo should NOT have any http stuff associated with it. The domain in your case would be:

sinclairmartialarts.com

Have you tried that?


(Mathew Mitchell) #11

I’ve just tried making your domain the only place where one of my videos can be shown. Try this embed code and see if it works:

<iframe src="https://player.vimeo.com/video/135282289" width="640" height="360" frameborder="0" allow="autoplay; fullscreen" allowfullscreen></iframe>

You’ll need to copy the whole long line.


(Mathew Mitchell) #12

@iansinclair I’m undoing the specific domain setting for my one video. Hopefully you got things sorted out, or at least were able to test with my example. At any rate, I need the video, after 8 hours, to now be available to anyone again. Hope you got the issue sorted.


(Ian Sinclair) #14

Problem solved.
The referrer meta tag content=“same-origin” was the culprit.
Apparently I had privacy settings for my site set to “Anonymise requests to third party servers”

D’oh


(Nick Wilcox-Brown) #15

Just seen this - Yes, the RW setting “Anonymise requests to third party servers” is very dangerous indeed - there is no explanation of what it really does - I fell foul of it a few months ago and it totally breaks Vimeo, presumably YT too.

Perhaps @Aaron @dan could flag this to the team?