diff --git a/doc/BBCode.md b/doc/BBCode.md
index 47e45b7aca..753bc69425 100644
--- a/doc/BBCode.md
+++ b/doc/BBCode.md
@@ -502,10 +502,6 @@ You can embed video, audio and more in a message.
[url]*url*[/url] |
Wenn *url* die OEmbed- oder Opengraph-Spezifikationen unterstützt, wird das Objekt eingebettet (z.B. Dokumente von scribd).
diff --git a/src/Content/Text/BBCode.php b/src/Content/Text/BBCode.php
index d238e265ed..dd62c5d841 100644
--- a/src/Content/Text/BBCode.php
+++ b/src/Content/Text/BBCode.php
@@ -50,7 +50,7 @@ use Friendica\Util\XML;
class BBCode
{
// Update this value to the current date whenever changes are made to BBCode::convert
- const VERSION = '2020-12-18-small-emojis';
+ const VERSION = '2020-12-18-video-embeds';
const INTERNAL = 0;
const API = 2;
@@ -1622,11 +1622,8 @@ class BBCode
'$1', $text);
}
- if ($try_oembed) {
- $text = preg_replace("/\[iframe\](.*?)\[\/iframe\]/ism", '', $text);
- } else {
- $text = preg_replace("/\[iframe\](.*?)\[\/iframe\]/ism", '$1', $text);
- }
+ // Backward compatibility, [iframe] support has been removed in version 2020.12
+ $text = preg_replace("/\[iframe\](.*?)\[\/iframe\]/ism", '$1', $text);
// Youtube extensions
if ($try_oembed) {
@@ -1879,6 +1876,14 @@ class BBCode
$config = \HTMLPurifier_HTML5Config::createDefault();
$config->set('HTML.Doctype', 'HTML5');
+ $config->set('HTML.SafeIframe', true);
+ $config->set('URI.SafeIframeRegexp', '%^(?:
+ https://www.youtube.com/embed/
+ |
+ https://player.vimeo.com/video/
+ |
+ ' . DI::baseUrl() . '/oembed/ # Has to change with the source in Content\Oembed::iframe
+ )%xi');
$config->set('Attr.AllowedRel', [
'noreferrer' => true,
'noopener' => true,
diff --git a/src/Content/Text/HTML.php b/src/Content/Text/HTML.php
index e8d0943ca4..6f2d7c7905 100644
--- a/src/Content/Text/HTML.php
+++ b/src/Content/Text/HTML.php
@@ -290,7 +290,8 @@ class HTML
self::tagToBBCode($doc, 'video', ['src' => '/(.+)/'], '[video]$1', '[/video]', true);
self::tagToBBCode($doc, 'audio', ['src' => '/(.+)/'], '[audio]$1', '[/audio]', true);
- self::tagToBBCode($doc, 'iframe', ['src' => '/(.+)/'], '[iframe]$1', '[/iframe]', true);
+ // Backward compatibility, [iframe] support has been removed in version 2020.12
+ self::tagToBBCode($doc, 'iframe', ['src' => '/(.+)/'], '[url]$1', '[/url]', true);
self::tagToBBCode($doc, 'key', [], '[code]', '[/code]');
self::tagToBBCode($doc, 'code', [], '[code]', '[/code]');
@@ -630,6 +631,7 @@ class HTML
self::tagToBBCode($doc, 'img', ['src' => '/(.+)/'], ' ', ' ');
}
+ // Backward compatibility, [iframe] support has been removed in version 2020.12
self::tagToBBCode($doc, 'iframe', ['src' => '/(.+)/'], ' $1 ', '');
$message = $doc->saveHTML();
|