Embedding Media: Video, Maps, and Tweets
Quill's media embeds are safe by construction — sandboxed iframes and id-validated helpers, no third-party scripts.
Quill ships a small set of media embeds. None of them inject third-party scripts; each validates its input and renders nothing if the input is unsafe.
YouTube
A video by id (validated against a strict pattern, embedded via youtube-nocookie):
A generic sandboxed embed
Any https:// URL in a locked-down <iframe> (no same-origin script access beyond the sandbox flags):
Tweet
A tweet reference (renders a safe link out — no Twitter widget script):
View Tweet
Each embed checks its input first. A bad id or a non-http(s) src renders nothing rather than failing the build.
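The validate-first, render-nothing behaviour described above, sketched as an added example (not Quill's own code). The helper names, both id patterns, the sandbox and referrer attributes, and the https-only check on the generic embed are assumptions.

```javascript
// Added illustration; every name, pattern and attribute choice here is an assumption, not Quill's API.
const YT_ID = /^[A-Za-z0-9_-]{11}$/;  // assumed strict pattern for a YouTube video id
const TWEET_ID = /^[0-9]{1,20}$/;     // assumed: tweet ids are decimal digits only

// Escape a value before placing it inside a double-quoted HTML attribute.
function escAttr(s) {
  return String(s).replace(/[&<>"']/g, (c) =>
    ({ "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" }[c]));
}

// Video by id: anything that is not exactly an id renders as the empty string.
function youtubeEmbed(id) {
  if (typeof id !== "string" || !YT_ID.test(id)) return "";
  return `<iframe src="https://www.youtube-nocookie.com/embed/${id}" ` +
    `title="YouTube video" loading="lazy" allowfullscreen></iframe>`;
}

// Generic embed: parse the URL, accept https only, and omit allow-same-origin
// so framed scripts run in an opaque origin with no access to the host page.
function sandboxedEmbed(src) {
  let url;
  try { url = new URL(src); } catch { return ""; }  // relative or malformed input
  if (url.protocol !== "https:") return "";          // rejects javascript:, data:, http:
  if (url.username || url.password) return "";       // no credentials hidden in the URL
  return `<iframe src="${escAttr(url.href)}" sandbox="allow-scripts" ` +
    `referrerpolicy="no-referrer" loading="lazy"></iframe>`;
}

// Tweet reference: a plain outbound link, no widget script.
function tweetLink(id) {
  if (typeof id !== "string" || !TWEET_ID.test(id)) return "";
  return `<a href="https://twitter.com/i/web/status/${id}" ` +
    `rel="noopener noreferrer">View Tweet</a>`;
}
```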