Embedding domain-level restricted videos from vimeo issue

[marumehrts]

Hi!
Turns out, when a video is set to allow embedding on certain domains, the API returns 404. Which got us blocked, but taht was solved.
Now we are trying to embed according this short documentation https://developer.vimeo.com/api/oembed/videos#embedding-videos-with-domain-privacy
We're setting the CURLOPT_HTTPREFERER with the domain from the whitelisted domains in Vimeo, also the headers with referer, but still returns 404. If we try the same in linux terminal, we get the correct response with video info. Any ideas on why this could be happening? is there somewhere on this library which resets the headers/referer?

[oscarotero]

Can I see the code you're using?

[marumehrts]

It's pretty simple actually

$dispatcher = new \Embed\Http\CurlDispatcher([
      CURLOPT_REFERER => 'https://www.siteurl.com',
]);
$info = Embed::create($url, null, $dispatcher);

[oscarotero]

It looks ok.
Check if this configuration value is already sent to curl resource (here: https://github.com/oscarotero/Embed/blob/v3.x/src/Http/CurlDispatcher.php#L139), or maybe disabling CURLOPT_AUTOREFERER.

[marumehrts]

Well I've checked and it does apparently send the referer in the header

"request_header" => """
GET /299008939 HTTP/1.1\r\n
User-Agent: Embed PHP library\r\n
Host: vimeo.com\r\n
Accept-Encoding: deflate, gzip\r\n
Referer: https://www.siteurl.com\r\n
Accept: */*\r\n
\r\n

Didn't work, neither disabling CURLOPT_AUTOREFERER, we opted to set video privacy to private link, and this way works.
Thanks anyways!

[oscarotero]

Try changing the User-Agent for a real browser UA. Some sites blocks request from unknow user agents

[qrazi]

Can confirm that adding a custom user agent does retrieve the full oembed.