2025-12-01 13:26:23
YouTube embeds fail with a 153 error
I just fixed this bug on my blog. I was getting an annoying "Error 153: Video player configuration error" on some of the YouTube video embeds (like this one) on this site. After some digging it turns out the culprit was this HTTP header, which Django's SecurityMiddleware was sending by default:Referrer-Policy: same-origin
YouTube's embedded player terms documentation explains why this broke:
API Clients that use the YouTube embedded player (including the YouTube IFrame Player API) must provide identification through the
HTTP Refererrequest header. In some environments, the browser will automatically setHTTP Referer, and API Clients need only ensure they are not setting theReferrer-Policyin a way that suppresses theReferervalue. YouTube recommends usingstrict-origin-when-cross-originReferrer-Policy, which is already the default in many browsers.
The fix, which I outsourced to GitHub Copilot agent since I was on my phone, was to add this to my settings.py:
SECURE_REFERRER_POLICY = "strict-origin-when-cross-origin"
This explainer on the Chrome blog describes what the header means:
strict-origin-when-cross-originoffers more privacy. With this policy, only the origin is sent in the Referer header of cross-origin requests.This prevents leaks of private data that may be accessible from other parts of the full URL such as the path and query string.
Effectively it means that any time you follow a link from my site to somewhere else they'll see this in the incoming HTTP headers even if you followed the link from a page other than my homepage:
Referer: https://simonwillison.net/
The previous header, same-origin, is explained by MDN here:
Send the origin, path, and query string for same-origin requests. Don't send the
Refererheader for cross-origin requests.
This meant that previously traffic from my site wasn't sending any HTTP referer at all!
2025-12-01 06:48:46
I am increasingly worried about AI in the video game space in general. [...] I'm not sure that the CEOs and the people making the decisions at these sorts of companies understand the difference between actual content and slop. [...]
It's exactly the same cryolab, it's exactly the same robot factory place on all of these different planets. It's like there's so much to explore and nothing to find. [...]
And what was in this contraband chest was a bunch of harvested organs. And I'm like, oh, wow. If this was an actual game that people cared about the making of, this would be something interesting - an interesting bit of environmental storytelling. [...] But it's not, because it's just a cold, heartless, procedurally generated slop. [...]
Like, the point of having a giant open world to explore isn't the size of the world or the amount of stuff in it. It's that all of that stuff, however much there is, was made by someone for a reason.
— Felix Nolan, TikTok about AI and procedural generation in video games
Tags: ai-ethics, slop, game-design, tiktok, generative-ai, ai
2025-12-01 06:17:53
It's ChatGPT's third birthday today.
It's fun looking back at Sam Altman's low key announcement thread from November 30th 2022:
today we launched ChatGPT. try talking with it here:
language interfaces are going to be a big deal, i think. talk to the computer (voice or text) and get what you want, for increasingly complex definitions of "want"!
this is an early demo of what's possible (still a lot of limitations--it's very much a research release). [...]
We later learned from Forbes in February 2023 that OpenAI nearly didn't release it at all:
Despite its viral success, ChatGPT did not impress employees inside OpenAI. “None of us were that enamored by it,” Brockman told Forbes. “None of us were like, ‘This is really useful.’” This past fall, Altman and company decided to shelve the chatbot to concentrate on domain-focused alternatives instead. But in November, after those alternatives failed to catch on internally—and as tools like Stable Diffusion caused the AI ecosystem to explode—OpenAI reversed course.
MIT Technology Review's March 3rd 2023 story The inside story of how ChatGPT was built from the people who made it provides an interesting oral history of those first few months:
Jan Leike: It’s been overwhelming, honestly. We’ve been surprised, and we’ve been trying to catch up.
John Schulman: I was checking Twitter a lot in the days after release, and there was this crazy period where the feed was filling up with ChatGPT screenshots. I expected it to be intuitive for people, and I expected it to gain a following, but I didn’t expect it to reach this level of mainstream popularity.
Sandhini Agarwal: I think it was definitely a surprise for all of us how much people began using it. We work on these models so much, we forget how surprising they can be for the outside world sometimes.
It's since been described as one of the most successful consumer software launches of all time, signing up a million users in the first five days and reaching 800 million monthly users by November 2025, three years after that initial low-key launch.
Tags: sam-altman, generative-ai, openai, chatgpt, ai, llms
2025-11-30 22:32:11
The most annoying problem is that the [GitHub] frontend barely works without JavaScript, so we cannot open issues, pull requests, source code or CI logs in Dillo itself, despite them being mostly plain HTML, which I don't think is acceptable. In the past, it used to gracefully degrade without enforcing JavaScript, but now it doesn't.
— Rodrigo Arias Mallo, Migrating Dillo from GitHub
Tags: browsers, progressive-enhancement, github
2025-11-29 19:26:24
Matt Webb coins the term context plumbing to describe the kind of engineering needed to feed agents the right context at the right time:
Context appears at disparate sources, by user activity or changes in the user’s environment: what they’re working on changes, emails appear, documents are edited, it’s no longer sunny outside, the available tools have been updated.
This context is not always where the AI runs (and the AI runs as closer as possible to the point of user intent).
So the job of making an agent run really well is to move the context to where it needs to be. [...]
So I’ve been thinking of AI system technical architecture as plumbing the sources and sinks of context.
Tags: definitions, matt-webb, ai, generative-ai, llms, ai-agents, context-engineering
2025-11-29 18:55:30
Large language models (LLMs) can be useful tools, but they are not good at creating entirely new Wikipedia articles. Large language models should not be used to generate new Wikipedia articles from scratch.
— Wikipedia content guideline, promoted to a guideline on 24th November 2025
