Failed to execute ‘postMessage’ on ‘DOMWindow’: !== http://localhost:9000

The question:

This is the error message that I get:

Failed to execute 'postMessage' on 'DOMWindow': The target origin provided
('') does not match the recipient window's origin 

I’ve seen other similar problems where the target origin is and the recipient origin is, but none like mine where the target is and the origin is http://localhost:9000.

  1. I don’t get the problem. What is the problem?
  2. How can I fix it?

The Solutions:

Below are the methods you can try. The first solution is probably the best. Try others if the first one doesn’t work. Senior developers aren’t just copying/pasting – they read the methods carefully & apply them wisely to each case.

Method 1

I believe this is an issue with the target origin being https. I suspect it is because your iFrame url is using http instead of https. Try changing the url of the file you are trying to embed to be https.

For instance:

'//' + id + '?showinfo=0&enablejsapi=1&origin=http://localhost:9000';

to be:

'' + id + '?showinfo=0&enablejsapi=1&origin=http://localhost:9000';

Method 2

Just add the parameter "origin" with the URL of your site in the paramVars attribute of the player, like this:

this.player = new window['YT'].Player('player', {
    videoId: this.mediaid,
    width: '100%',
    playerVars: { 
        'autoplay': 1,
        'controls': 0,
        'autohide': 1,
        'wmode': 'opaque',
        'origin': 'http://localhost:8100' 

Method 3

Setting this seems to fix it:

  this$1.player = new YouTube.Player(this$1.elementId, {
    videoId: videoId,
    host: '',

Method 4

You can save the JavaScript into local files:

Into the first file, player_api put this code:

if(!window.YT)var YT={loading:0,loaded:0};if(!window.YTConfig)var YTConfig={host:""};YT.loading||(YT.loading=1,function(){var o=[];YT.ready=function(n){YT.loaded?n():o.push(n)},window.onYTReady=function(){YT.loaded=1;for(var n=0;n<o.length;n++)try{o[n]()}catch(i){}},YT.setConfig=function(o){for(var n in o)o.hasOwnProperty(n)&&(YTConfig[n]=o[n])}}());

Into the second file, find the code: this.a.contentWindow.postMessage(a,b[c]);

and replace it with:

this._skiped = true;

Of course, you can concatenate into one file – will be more efficient.
This is not a perfect solution, but it’s works!

My Source : yt_api-concat

Method 5

Make sure you are loading from a URL such as:

Note the “origin” component, as well as “enablejsapi=1”. The origin must match what your domain is, and then it will be whitelisted and work.

Method 6

In my case this had to do with lazy loading the iframe. Removing the iframe HTML attribute loading="lazy" solved the problem for me.

Method 7

I got the same error. My mistake was that the enablejsapi=1 parameter was not present in the iframe src.

Method 8

Try using window.location.href for the url to match the window’s origin.

Method 9

There could be any of the following, but all of them lead into DOM not loaded before its accessed by the javascript.

So here is what you have to ensure before actually calling JS code:
* Make sure the container has loaded before any javascript is called
* Make sure the target URL is loaded in whatever container it has to

I came across the similar issue but on my local when I am trying to have my Javascript run well before onLoad of the main page which causes the error message. I have fixed it by simply waiting for whole page to load and then call the required function.

You could simply do this by adding a timeout function when page has loaded and call your onload event like:

window.onload = new function() {
setTimeout(function() {
// some onload event
}, 10);

that will ensure what you are trying will execute well after onLoad is trigger.

Method 10

You also get this message when you do not specify a targetOrigin in calls to window.postMessage().

In this example we post a message to the first iFrame and use * as target, which should allow communication to any targetOrigin.

                    message : "Hi there",
                    command :"hi-there-command",
                    data : "Some Data"
                }, '*')

Method 11

In my instance at least this seems to be a harmless “not ready” condition that the API retries until it succeeds.

I get anywhere from two to nine of these (on my worst-case-tester, a 2009 FossilBook with 20 tabs open via cellular hotspot)…. but then the video functions properly. Once it’s running my postMessage-based calls to seekTo definitely work, haven’t tested others.

Method 12

It looks it’s only a Chrome security system to block repeated requests, using CORB.

In my case, YouTube was blocking Access after the first load of the same webpage which has many video API data request, high payload.

For pages with low payload, the issue does not occur.

In Safari and other non Chronuim based browsers, the issue does not occur.

If I load the webpage in a new browser, the issue does not occur, when I reload the same page, the issue appears.

Method 13

I think the description of the error is misleading and has originally to do with wrong usage of the player object.

I had the same issue when switching to new Videos in a Slider.

When simply using the player.destroy() function described here the problem is gone.

Method 14

I had this same problem and it turns out it was because I had the Chrome extension “HTTPS Everywhere” running. Disabling the extension solved my problem.

Method 15

This exact error was related to a content block by Youtube when “playbacked on certain sites or applications”. More specifically by WMG (Warner Music Group).

The error message did however suggest that a https iframe import to a http site was the issue, which it wasn’t in this case.

Method 16

Remove DNS Prefetch will solve this issue.

If you’re using WordPress, add this line in your theme’s functions.php

remove_action( 'wp_head', 'wp_resource_hints', 2 );

Method 17

You could change your iframe to be like this and add origin to be your current website. It resolves error on my browser.

<iframe class="test-testimonials-youtube-group"  type="text/html" width="100%" height="100%"


Method 18

In some cases (as one commenter mentioned) this might be caused if you are moving the player within DOM, like append or etc..

Method 19

Just wishing to avoid the console error, I solved this using a similar approach to Artur’s earlier answer, following these steps:

  1. Downloaded the YouTube Iframe API (from to a local yt-api.js file.
  2. Removed the code which inserted the www-widgetapi.js script.
  3. Downloaded the www-widgetapi.js script (from to a local www-widgetapi.js file.
  4. Replaced the targetOrigin argument in the postMessage call which was causing the error in the console, with a “*” (indicating no preference – see
  5. Appended the modified www-widgetapi.js script to the end of the yt-api.js script.

This is not the greatest solution (patched local script to maintain, losing control of where messages are sent) but it solved my issue.

Please see the security warning about removing the targetOrigin URI stated here before using this solution –

Patched yt-api.js example

Method 20

Adding origin=${} or "*" is not enough.

Add https:// before it and it will work.

Also, make sure that you are using an URL that can be embedded: take the video ID out and concatenate a string that has the YouTube video prefix and the video ID + embed definition.

Method 21

This helped me (with Vue.js)

Found here vue-youtube

mounted() {
  window.YTConfig = {
    host: ''
  const host = this.nocookie ? '' : ''

  this.player = player(this.$el, {
    width: this.width,
    height: this.height,
    videoId: this.videoId,
    playerVars: this.playerVars

Working like a charm like this:

data() {
  return {
    playerVars: {
      origin: window.location.href,

Method 22

I think we could customize the sendMessage of the YT.Player

playerOptions.playerVars.origin = window.location.origin or your domain.
this.youtubePlayer = new YT.Player(element,playerOptions);
this.youtubePlayer.sendMessage = function (a) { =, = "widget", a = JSON.stringify(a);
   var url = new URL(this.h.src), origin = url.searchParams.get("origin");
   if (origin && this.h.contentWindow) {
       this.h.contentWindow.postMessage(a, origin)

I used this function to resolve in my project.

Method 23

mine was:


I just removed the line with playerVars, and it worked without errors on console.

Method 24

You can try :

document.getElementById('your_id_iframe').contentWindow.postMessage('your_message', 'your_domain_iframe')

Method 25

I was also facing the same issue then I visit official Youtube Iframe Api where i found this:

The user’s browser must support the HTML5 postMessage feature. Most modern browsers support postMessage

and wander to see that official page was also facing this issue. Just Visit official Youtube Iframe Api and see console logs. My Chrome version is 79.0.3945.88.

All methods was sourced from or, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

Leave a Comment