diff --git a/app/javascript/mastodon/features/status/components/card.tsx b/app/javascript/mastodon/features/status/components/card.tsx
index c6e0c1655a..d060d35c2c 100644
--- a/app/javascript/mastodon/features/status/components/card.tsx
+++ b/app/javascript/mastodon/features/status/components/card.tsx
@@ -48,8 +48,10 @@ const handleIframeUrl = (html: string, url: string, providerName: string) => {
     iframeUrl.searchParams.set('autoplay', '1');
     iframeUrl.searchParams.set('auto_play', '1');
 
-    if (startTime && providerName === 'YouTube')
-      iframeUrl.searchParams.set('start', startTime);
+    if (providerName === 'YouTube') {
+      iframeUrl.searchParams.set('start', startTime ?? '');
+      iframe.referrerPolicy = 'strict-origin-when-cross-origin';
+    }
 
     iframe.src = iframeUrl.href;