Embeds seem to have stopped working with a CORS error (specifically NS_ERROR_DOM_COEP_FAILED, "Used to indicate that a resource load was blocked because of the Cross-Origin-Embedder-Policy response header.") Comparing the generated iframe to YouTube's, and the generated iframe lacks the referrerpolicy="strict-origin-when-cross-origin" attribute.