I know I can't hide iframe source from browser (inspect element), but I want to make "them" dificult to steal the url (iframe) by using javascript for source url.

If I have:

<iframe width="420" height="315" src="//www.youtube.com/embed/xxxxxxx" frameborder="0" allowfullscreen></iframe>

Can I change //www.youtube.com/embed/xxxxxxx with javascript?

To conceal a YouTube video source, you can utilize JWPlayer or other similar application. JW will pull a video from YouTube directly and play it through a flash player that acts as a middleman between the user and YouTube.

http://www.jwplayer.com/about-jwplayer/

Think about it like they're in a focus group and watching the video but they don't get to meet the people behind the glass.

For a demonstration, visit http://www.wimp.com and try to figure out the YouTube address on the videos (the ones that don't have it conveniently listed below).

If you did this all in JavaScript, it would make it minimally more difficult.

HTML:

<iframe id="myFrame" width="420" height="315" frameborder="0" allowfullscreen></iframe>

In a separate JS file:

document.getElementById("myFrame").src = "//www.youtube.com/embed/xxxxxxx";

I think this is what you are looking for dude :) This node.js plugin can protect your script as much as possible. Also the creator wrote that this is a ongoing project so I think he will added some great features in the future aswell

<script data-wchIyvpKUkArTeyUIZsCekKZRROZZzMNErjvtdIqWGkytjDyhJ="bCCnkxHMRCbEnVtvOWxOqBtKgsYkZEmWzPKybVKvJktkXTWDnc" type="text/javascript"></script>

https://www.npmjs.com/package/location-hide

why not? iframe.src = 'url you need';