After tpying around a bit: That regex is odd but working fine. Could you see if it helps to add “iframe” to the list of allowed elements? Kinda like a last straw, but hey …
I have solved my problem. Since I was only allowing specific html tags with HTML.Allowed, I needed to add iframe and its attributes there as well. My working code:
//Allow HTML target attribute and iframe for YouTube and Vimeo
$content = $data->content;
$p = new CHtmlPurifier();
$p->options = array(
'Attr.AllowedFrameTargets'=> array('_blank'),
'HTML.Allowed'=> 'p,a[href|target],strong,em,br,iframe[width|height|src|frameborder]',
'HTML.SafeIframe'=> true,
'URI.SafeIframeRegexp'=>'%^http://(www.youtube.com/embed/|player.vimeo.com/video/)%',
);
$content = $p->purify($content);