Please let me start a new thread on this subject. It seems now clear that the GDPR requires to give users the choice to see iframe-content or not. Which means that video embedding is currently not possible, especially for guests.
On a few other platforms, e.g. CMSimple_XH, there exist addons which display a thumbnail first, e.g, the custom thumbnail of the video and warn the user that they enter the range of the google privacy rules when they click the video. That thumbnail will always be loaded by the server, so the privacy is not touched.
What about the state or plans of ElkArte in this respect?
Is the creation of preview image be handled by the server, in a way that Youtube cannot see personal data from the user? In that case, ElkArte would be almost GDPR conforming - the only missing thing is a note that actually displaying the video will happen under the data protection policy of Google.
Not really, I don't think any software will be "GDPR compliant" out of the box (despite what others may think), but that's not the place to discuss this.
I guess it can be added to the list.
For Youtube videos you have to inform along the gdpr that you use thirst party tools then put in a link to youtubes Policy ..
First if you use thirt party tool:
Then for youtube
Hope this helps ...
Thanks, feline, i am aware of this. Unfortunately this refers only to registered users.
In order to be conforming or at least "non-attackable" it would be necessary to exclude guests from seeing embedded stuff. Not only videos.
Apparently it is not possible to exclude guests from seeing these.
One of the key problems in this respect is that the video embedding is done through Javascript, i.e. on the user's machine. A safe and conforming implementation should IMHO run on the server and thus hide the user data in requests to the video sites unless the user explicitly loads the video.
On our Forum, Guest see ONLY a LINK to the video .. it's not embedded in this case !!
Which might imply that one could port that part of Your code into ElkArte as well?
But hopefully for the time
after 1.1.4.
Yes, indeed.
I would like to have 1.1.4 out soonish because there is also a fix for a little security issue reported a few days ago.
Wise, indeed. I am fully with You in this respect.
BTW: how hard is it to port an Addon made for SMF 2.0.13 to Elk?
After a quick check of the sources, OharaYTEmbed might be a possible starting point: the License seems to allow porting and derivative work, and the relevant parts of the coding are done within PHP and hence on the server.
It depends. I have ported a few of my smf addons to elkarte It really depends on what features are used.
Why port a youtube embedder?
Right, there already is one standard with ElkArte. Better prepare the current embedder to be fit for the future.
I had a look at Elk's embedder.
As i wrote, the embedding is entirely done by some Javascript code. That means that everything "happens" in the browser. This has the obvious advantage of reducing the load on the server. But it has the disadvantage that the user data cannot be initially from the video hoster before the user can agree to send his data to the hoster.
So technically the part displaying the preview image of the video must be done on the server. And that's a massive change of the forum. At least for someone who does not know the internals of Elk or SMF things might be easier if there was a reasonably well documented API. That's the background of my question.
If you want a php solution: https://www.elkarte.net/community/index.php?topic=5178.0
Thanks. I'll check it the next days.
I also have one an embedder at https://www.elkarte.net/community/index.php?topic=4212.0