File Under: Multimedia

Get Started With OEmbed

Anyone with a blog will tell you: the best thing about the social media sharing revolution is the “sharing” part.

Popular sharing sites like YouTube, Photobucket and offer embed codes, strings of code that make it easy for you to plug a video or a song (inside a small player or display wrapper) into your page. These codes work great for sites that offer them, but embed codes and options for embedding media differ greatly from site to site. And some sites don’t offer any easy sharing codes.

It’s easy enough to post an image or MP3 if you know some HTML. But by now we’re deep into the age of the big “share” button — blog tools and widgets that offer no-brainer, one-click posting. So if you’re building a social app that allows users to share images, videos or songs, your visitors will expect something that’s as dead easy as it gets.

To that end, what if there was a standard for grabbing a full multimedia embed code from a URL? Wouldn’t it be nice if you could turn a simple URL link into an embedded Flickr image or YouTube video? Sure, you can reverse engineer many of the various embed structures offered by sharing sites, but what happens when the host of your embeded media changes its format or relocates the actual asset? Thousands of broken links suddenly litter your site.

These are the wishes (and problems) that led to OEmbed, a new proposed standard for taking a URL and generating an embed link. The proposal is the brainchild of Pownce developers Leah Culver and Mike Malone, as well Cal Henderson of Flickr and Richard Crowley of OpenDNS.

Not every site supports it, so OEmbed isn’t going to solve all your embedding needs overnight. But given that some big names — like Flickr and Viddler — have already signed on, we think others will soon follow suit.

Let’s dive in to see how OEmbed can make your life (and your webapp) easier.


  1. An OEmbed Overview
  2. Using OEmbed
  3. Getting more complex
    1. Security Note
  4. Sky’s the Limit
  5. Why We Love OEmbed

An OEmbed Overview

Put simply, OEmbed dictates a standard format where you send a URL and the host site provides the embed code. In the simplest case, you would capture the URL your user has entered and then query the originating service’s API to get back any additional info you need.

Here’s how it works: The user enters a URL, the service (say Pownce) then queries the source of the URL (say, Flickr). The source site then sends back all the necessary information for Pownce to embed the image automatically.

The full OEmbed spec says that all requests sent to the API endpoint (Flickr in our example) must be HTTP GET requests, with any arguments sent as query parameters. Obviously any arguments you send through HTTP should be url-encoded (as per RFC 1738 in this case).

The following query parameters are defined as part of the spec:

  • url (required) – The URL to retrieve embedding information for
  • maxwidth (optional) – the maximum width of the embedded resource
  • maxheight (optional) – the maximum height of the embedded resource
  • format (optional) – the required response format (i.e. XML or JSON)

The maxwidth, maxheight parameters are nice when you’re embedding content into a fixed-width design and you don’t want to end up with embeds that turn your carefully designed site into some horrible-looking MySpace page.

As for the response you get back from an OEmbed call, that will depend somewhat on what type of object you’re interested in embedding. In general you can expect things like the type of object, the owner of the content, thumbnails and more. For full details check out the OEmbed site.

Using OEmbed

Let’s say you’ve built a content sharing site like FriendFeed. I join your site and want to post this Flickr image of the Himalayas using just the URL. I cut and paste the URL from my browser window to your text field and then you would query Flickr using this code:

The XML response you would get back looks like this:














As you can see, all you need to do is grab the url and plug that into a standard img tag and my photo will show up without me having to do any extra work at all.

And I know what you’re thinking — if I just provide a text field for the user to paste in a URL how will I know what service to query? There’s two obvious ways you can handle that. One would be to provide a drop down menu that allows users to specify the source of the link. The other would be the just parse the link with some Regular Expressions magic and handle it transparently.

If you have other ideas, be sure to add them.

Getting more complex

That’s all well and good, but what about more complex examples like video? This is actually where OEmbed shines — no more filling in some complex embedding template that’s liable to break whenever something changes on the source site.

This time we’ll use Viddler as an example. Let’s say the visitor to our sharing site wants to embed this video. They copy the URL and paste it in our form’s text field. Then we query Viddler’s OEmbed URL. But this time, we’ll add a parameter to make sure the embedded video is 400 pixels wide.

The query code would look like this:

Viddler will then return this XML response (or if you change the format parameter to JSON, you could get a JSON response):

<?xml version="1.0" encoding="UTF-8"?>






	<title>Rick Roll Muppets Version</title>






	<html><object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" width="400" height="342" id="viddlerplayer-4310bfba"><param name="movie" value="" /><param name="allowScriptAccess" value="always" /><param name="allowFullScreen" value="true" /><embed src="" width="400" height="342" type="application/x-shockwave-flash" allowScriptAccess="always" allowFullScreen="true" name="viddlerplayer-4310bfba" ></embed></object></html>


As you can see, the last element of the response, the html node, gives us the embed code and keeps the video constrained to the dimensions we specified. It doesn’t get much easier than that.

Viddler has even put together a cool little sample app that shows OEmbed in action.

Security Note

When you’re creating a site that’s going to display HTML (as with video embeds), there’s always the potential for cross-site scripting (XSS) attacks from the site providing the code. At the moment, all the sites offering OEmbed are reputable, but that may not always be the case. To avoid opening your site up to XSS attacks, the OEmbed authors recommend displaying the HTML in an iframe, hosted from another domain. This ensures that the HTML cannot access cookies from the consumer domain.

Sky’s the Limit

OEmbed isn’t just for developers either. If you wrapped OEmbed as a WordPress or Movable Type Plug-in, even posting content on your own site would be considerably easier. At the moment no one has released any plug-ins, but the specification is still young.

If happen to be working with the Django web framework, there’s already a nice set of OEmbed template tags up on Google code. The project allows you to do things like this in your Django templates:

{% OEmbed %}

{% endOEmbed %}

Why We Love OEmbed

There’s a bunch of ever-changing social web specs out there promising all sort of things, from easier logins though OAuth and OpenID to Google and Facebook’s widget platforms. But where many of the promises of those specs remain unfulfilled, OEmbed is here today and it just works.

Obviously, it’s missing some key provider sites like YouTube or Picasa, but hopefully it won’t be long before OEmbed becomes a standard part of every successful web API.

Check out the list of current implementations at the OEmbed website. Also worth a look is Deepak Sarda’s OohEmbed. The new service will spit out the embed schemes for various sites that haven’t had a chance to implement OEmbed themselves. For example, here’s the JSON response for a YouTube video.