mirror of
https://codeberg.org/streams/streams.git
synced 2024-09-20 01:15:13 +00:00
this is a mess and makes a complicated security model that one can probably drive a truck through. It will have to be fixed. It does make youtubes work again.
This commit is contained in:
parent
04d9187c7a
commit
57a9ba4574
2 changed files with 7 additions and 5 deletions
|
@ -230,11 +230,10 @@ function bb_location($match) {
|
|||
function bbiframe($match) {
|
||||
$a = get_app();
|
||||
|
||||
// use sandbox mode to prevent malicious goings on rather than host restriction
|
||||
// if(strpos($match[1],get_app()->get_hostname()))
|
||||
// return '<a href="' . $match[1] . '">' . $match[1] . '</a>';
|
||||
|
||||
return '<iframe sandbox="allow-scripts" src="' . $match[1] . '" width="' . $a->videowidth . '" height="' . $a->videoheight . '"><a href="' . $match[1] . '">' . $match[1] . '</a></iframe>';
|
||||
$sandbox = ((strpos($match[1],get_app()->get_hostname())) ? ' sandbox="allow-scripts" ' : '');
|
||||
|
||||
return '<iframe ' . $sandbox . ' src="' . $match[1] . '" width="' . $a->videowidth . '" height="' . $a->videoheight . '"><a href="' . $match[1] . '">' . $match[1] . '</a></iframe>';
|
||||
}
|
||||
|
||||
function bb_ShareAttributesSimple($match) {
|
||||
|
|
|
@ -164,8 +164,11 @@ function oembed_iframe($src,$width,$height) {
|
|||
|
||||
$a = get_app();
|
||||
|
||||
$sandbox = ((strpos($src,get_app()->get_hostname())) ? ' sandbox="allow-scripts" ' : '');
|
||||
|
||||
$s = $a->get_baseurl()."/oembed/".base64url_encode($src);
|
||||
return '<iframe sandbox="allow-scripts" height="' . $height . '" width="' . $width . '" src="' . $s . '" frameborder="no" >' . t('Embedded content') . '</iframe>';
|
||||
|
||||
return '<iframe ' . $sandbox . ' height="' . $height . '" width="' . $width . '" src="' . $s . '" frameborder="no" >' . t('Embedded content') . '</iframe>';
|
||||
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue