YouTube

Allowing for cross-domain content
<!DOCTYPE html>
<html>
<head>
<meta charset=utf-8 />
<title>YouTube</title>
  <meta name='viewport' content='width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no' />
  <script src='//api.tiles.mapbox.com/mapbox.js/v1.4.0/mapbox.js'></script>
  <link href='//api.tiles.mapbox.com/mapbox.js/v1.4.0/mapbox.css' rel='stylesheet' />
  <!--[if lte IE 8]>
    <link href='//api.tiles.mapbox.com/mapbox.js/v1.4.0/mapbox.ie.css' rel='stylesheet'>
  <![endif]-->
  <style>
    body { margin:0; padding:0; }
    #map { position:absolute; top:0; bottom:0; width:100%; }
  </style>
</head>
<body>
<style>
.map-tooltip {
    width:440px !important;
    max-width:440px !important;
}
</style>
<div id='map'></div>
<script type='text/javascript'>
var map = L.mapbox.map('map', 'examples.youtube-embed', {
    gridLayer: {},
    // This line redefines part of the underlying code which
    // sanitizes HTML from MapBox Hosting. The original code is there
    // for the protection of sites, so that malicious map-creators
    // can't add cross-site scripting attacks to sites that use their
    // maps.
    // Turning it off allows any content to be available in tooltips.
    // It's recommended to only with trusted maps.
    gridControl: {
        sanitizer: function(x) { return x; }
    }
});
</script>
The code and documentation to mapbox.js is hosted on GitHub where you can contribute changes and improvements.