From 433a1bbeeadd975385d4c24e354cc2f47ee66d5e Mon Sep 17 00:00:00 2001
From: Jonah Aragon <jonah@triplebit.net>
Date: Mon, 27 Feb 2023 13:30:48 -0600
Subject: [PATCH] Use Invidious for Embeds

---
 docs/advanced/tor-overview.en.md              | 4 ++--
 docs/basics/multi-factor-authentication.en.md | 2 +-
 docs/os/linux-overview.en.md                  | 4 ++--
 netlify.toml                                  | 2 +-
 4 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/docs/advanced/tor-overview.en.md b/docs/advanced/tor-overview.en.md
index d9599883c8..4658729ac1 100644
--- a/docs/advanced/tor-overview.en.md
+++ b/docs/advanced/tor-overview.en.md
@@ -75,5 +75,5 @@ If you wish to use Tor for browsing the web, we only recommend the **official**
 ## Additional Resources
 
 - [Tor Browser User Manual](https://tb-manual.torproject.org)
-- [How Tor Works - Computerphile](https://www.youtube-nocookie.com/embed/QRYzre4bf7I) <small>(YouTube)</small>
-- [Tor Onion Services - Computerphile](https://www.youtube-nocookie.com/embed/lVcbq_a5N9I) <small>(YouTube)</small>
+- [How Tor Works - Computerphile](https://invidious.privacyguides.net/embed/QRYzre4bf7I?local=true) <small>(YouTube)</small>
+- [Tor Onion Services - Computerphile](https://invidious.privacyguides.net/embed/lVcbq_a5N9I?local=true) <small>(YouTube)</small>
diff --git a/docs/basics/multi-factor-authentication.en.md b/docs/basics/multi-factor-authentication.en.md
index ac193b3aed..690cfcf0c1 100644
--- a/docs/basics/multi-factor-authentication.en.md
+++ b/docs/basics/multi-factor-authentication.en.md
@@ -77,7 +77,7 @@ When you create an account, the public key is sent to the service, then when you
 This presentation discusses the history of password authentication, the pitfalls (such as password reuse), and discussion of FIDO2 and [WebAuthn](https://webauthn.guide) standards.
 
 <div class="yt-embed">
-  <iframe width="560" height="315" src="https://www.youtube-nocookie.com/embed/aMo4ZlWznao" title="How FIDO2 and WebAuthn Stop Account Takeovers" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>
+  <iframe width="560" height="315" src="https://invidious.privacyguides.net/embed/aMo4ZlWznao?local=true" title="How FIDO2 and WebAuthn Stop Account Takeovers" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>
 </div>
 
 FIDO2 and WebAuthn have superior security and privacy properties when compared to any MFA methods.
diff --git a/docs/os/linux-overview.en.md b/docs/os/linux-overview.en.md
index 3b9a50e198..dd2119c77a 100644
--- a/docs/os/linux-overview.en.md
+++ b/docs/os/linux-overview.en.md
@@ -33,7 +33,7 @@ For frozen distributions such as [Debian](https://www.debian.org/security/faq#ha
 We don’t believe holding packages back and applying interim patches is a good idea, as it diverges from the way the developer might have intended the software to work. [Richard Brown](https://rootco.de/aboutme/) has a presentation about this:
 
 <div class="yt-embed">
-  <iframe width="560" height="315" src="https://www.youtube-nocookie.com/embed/i8c0mg_mS7U" title="Regular Releases are Wrong, Roll for your life" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>
+  <iframe width="560" height="315" src="https://invidious.privacyguides.net/embed/i8c0mg_mS7U?local=true" title="Regular Releases are Wrong, Roll for your life" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>
 </div>
 
 ### Traditional vs Atomic updates
@@ -47,7 +47,7 @@ A transactional update system creates a snapshot that is made before and after a
 The Atomic update method is used for immutable distributions like Silverblue, Tumbleweed, and NixOS and can achieve reliability with this model. [Adam Šamalík](https://twitter.com/adsamalik) provided a presentation on how `rpm-ostree` works with Silverblue:
 
 <div class="yt-embed">
-  <iframe width="560" height="315" src="https://www.youtube-nocookie.com/embed/-hpV5l-gJnQ" title="Let's try Fedora Silverblue — an immutable desktop OS! - Adam Šamalik" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>
+  <iframe width="560" height="315" src="https://invidious.privacyguides.net/embed/-hpV5l-gJnQ?local=true" title="Let's try Fedora Silverblue — an immutable desktop OS! - Adam Šamalik" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>
 </div>
 
 ### “Security-focused” distributions
diff --git a/netlify.toml b/netlify.toml
index a9ed5d3075..b89ff3fd27 100644
--- a/netlify.toml
+++ b/netlify.toml
@@ -12,7 +12,7 @@
     X-XSS-Protection = "0"
     X-Content-Type-Options = "nosniff"
     Strict-Transport-Security = "max-age=63072000; includeSubDomains; preload"
-    Content-Security-Policy = "default-src 'none'; script-src https://www.privacyguides.org https://api.privacyguides.net 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; img-src data: 'self'; connect-src https://api.github.com https://api.privacyguides.net 'self'; frame-src https://stats.privacyguides.net; frame-ancestors 'none'"
+    Content-Security-Policy = "default-src 'none'; script-src https://www.privacyguides.org https://api.privacyguides.net 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; img-src data: 'self'; connect-src https://api.github.com https://*.privacyguides.net 'self'; frame-src https://*.privacyguides.net; frame-ancestors 'none'"
 
 [[headers]]
   for = "/about/donate/"