on third-party sites. * * Usage: */ require_once __DIR__ . '/includes/db.php'; $slug = trim($_GET['v'] ?? ''); $video = $slug ? get_video_by_slug($slug) : null; // Determine absolute base URL for media files. // We need absolute URLs here because the embed lives on a foreign domain. $scheme = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https' : 'http'; $host = $_SERVER['HTTP_HOST'] ?? 'localhost'; $script = dirname($_SERVER['SCRIPT_NAME'] ?? '/'); $script = rtrim($script, '/'); $base_url = $scheme . '://' . $host . $script . '/'; // e.g. https://tyclifford.com/live/ // X-Frame-Options: allow embedding from any origin. // If you want to restrict, change ALLOWALL to SAMEORIGIN or remove for CSP header instead. header('X-Frame-Options: ALLOWALL'); header('Content-Security-Policy: frame-ancestors *'); ?> <?= $video ? htmlspecialchars($video['title'], ENT_QUOTES) . ' — TyClifford.com' : 'Video Player' ?>
tyclifford.com