diff --git a/doc/BBCode.md b/doc/BBCode.md index 47e45b7aca..753bc69425 100644 --- a/doc/BBCode.md +++ b/doc/BBCode.md @@ -502,10 +502,6 @@ You can embed video, audio and more in a message. [embed]URL[/embed] Embed OEmbed rich content. - - [iframe]URL[/iframe] - General embed, iframe size is limited by the theme size for video players. - [url]*url*[/url] If *url* supports oembed or opengraph specifications the embedded object will be shown (eg, documents from scribd). diff --git a/doc/de/BBCode.md b/doc/de/BBCode.md index 5786e22755..ded52cdb78 100644 --- a/doc/de/BBCode.md +++ b/doc/de/BBCode.md @@ -482,10 +482,6 @@ Du kannst Videos, Musikdateien und weitere Dinge in Beiträgen einbinden. [embed]URL[/embed] OEmbed rich content einbetten. - - [iframe]URL[/iframe] - General embed, iframe size is limited by the theme size for video players. - [url]*url*[/url] Wenn *url* die OEmbed- oder Opengraph-Spezifikationen unterstützt, wird das Objekt eingebettet (z.B. Dokumente von scribd). diff --git a/src/Content/Text/BBCode.php b/src/Content/Text/BBCode.php index d238e265ed..dd62c5d841 100644 --- a/src/Content/Text/BBCode.php +++ b/src/Content/Text/BBCode.php @@ -50,7 +50,7 @@ use Friendica\Util\XML; class BBCode { // Update this value to the current date whenever changes are made to BBCode::convert - const VERSION = '2020-12-18-small-emojis'; + const VERSION = '2020-12-18-video-embeds'; const INTERNAL = 0; const API = 2; @@ -1622,11 +1622,8 @@ class BBCode '$1', $text); } - if ($try_oembed) { - $text = preg_replace("/\[iframe\](.*?)\[\/iframe\]/ism", '', $text); - } else { - $text = preg_replace("/\[iframe\](.*?)\[\/iframe\]/ism", '$1', $text); - } + // Backward compatibility, [iframe] support has been removed in version 2020.12 + $text = preg_replace("/\[iframe\](.*?)\[\/iframe\]/ism", '$1', $text); // Youtube extensions if ($try_oembed) { @@ -1879,6 +1876,14 @@ class BBCode $config = \HTMLPurifier_HTML5Config::createDefault(); $config->set('HTML.Doctype', 'HTML5'); + $config->set('HTML.SafeIframe', true); + $config->set('URI.SafeIframeRegexp', '%^(?: + https://www.youtube.com/embed/ + | + https://player.vimeo.com/video/ + | + ' . DI::baseUrl() . '/oembed/ # Has to change with the source in Content\Oembed::iframe + )%xi'); $config->set('Attr.AllowedRel', [ 'noreferrer' => true, 'noopener' => true, diff --git a/src/Content/Text/HTML.php b/src/Content/Text/HTML.php index e8d0943ca4..6f2d7c7905 100644 --- a/src/Content/Text/HTML.php +++ b/src/Content/Text/HTML.php @@ -290,7 +290,8 @@ class HTML self::tagToBBCode($doc, 'video', ['src' => '/(.+)/'], '[video]$1', '[/video]', true); self::tagToBBCode($doc, 'audio', ['src' => '/(.+)/'], '[audio]$1', '[/audio]', true); - self::tagToBBCode($doc, 'iframe', ['src' => '/(.+)/'], '[iframe]$1', '[/iframe]', true); + // Backward compatibility, [iframe] support has been removed in version 2020.12 + self::tagToBBCode($doc, 'iframe', ['src' => '/(.+)/'], '[url]$1', '[/url]', true); self::tagToBBCode($doc, 'key', [], '[code]', '[/code]'); self::tagToBBCode($doc, 'code', [], '[code]', '[/code]'); @@ -630,6 +631,7 @@ class HTML self::tagToBBCode($doc, 'img', ['src' => '/(.+)/'], ' ', ' '); } + // Backward compatibility, [iframe] support has been removed in version 2020.12 self::tagToBBCode($doc, 'iframe', ['src' => '/(.+)/'], ' $1 ', ''); $message = $doc->saveHTML();