Merge pull request #13946 from annando/issue-13819

Issue 13819: Ensure to not use OEmbed if not wanted
pull/13951/head
Hypolite Petovan 2024-02-29 07:54:43 -05:00 committed by GitHub
commit c9f7d9baff
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 3 additions and 11 deletions

View File

@ -1788,7 +1788,7 @@ class BBCode
$text = self::normalizeVideoLinks($text);
// Youtube extensions
if ($try_oembed) {
if ($try_oembed && OEmbed::isAllowedURL('https://www.youtube.com/embed/')) {
$text = preg_replace("/\[youtube\]([A-Za-z0-9\-_=]+)(.*?)\[\/youtube\]/ism", '<iframe width="' . $a->getThemeInfoValue('videowidth') . '" height="' . $a->getThemeInfoValue('videoheight') . '" src="https://www.youtube.com/embed/$1" frameborder="0" ></iframe>', $text);
} else {
$text = preg_replace(
@ -1799,7 +1799,7 @@ class BBCode
}
// Vimeo extensions
if ($try_oembed) {
if ($try_oembed && OEmbed::isAllowedURL('https://player.vimeo.com/video')) {
$text = preg_replace("/\[vimeo\]([0-9]+)(.*?)\[\/vimeo\]/ism", '<iframe width="' . $a->getThemeInfoValue('videowidth') . '" height="' . $a->getThemeInfoValue('videoheight') . '" src="https://player.vimeo.com/video/$1" frameborder="0" ></iframe>', $text);
} else {
$text = preg_replace(
@ -2057,10 +2057,7 @@ class BBCode
);
// Default iframe allowed domains/path
$allowedIframeDomains = [
'www.youtube.com/embed/',
'player.vimeo.com/video/',
];
$allowedIframeDomains = DI::config()->get('system', 'no_oembed_rich_content') ? [] : ['www.youtube.com/embed/', 'player.vimeo.com/video/'];
$allowedIframeDomains = array_merge(
$allowedIframeDomains,

View File

@ -429,10 +429,6 @@ return [
// Don't do count calculations (currently only when showing photo albums).
'no_count' => false,
// no_oembed (Boolean)
// Don't use OEmbed to fetch more information about a link.
'no_oembed' => false,
// no_redirect_list (Array)
// List of domains where HTTP redirects should be ignored.
'no_redirect_list' => [],

View File

@ -35,7 +35,6 @@ class BBCodeTest extends FixtureTest
{
parent::setUp();
DI::config()->set('system', 'remove_multiplicated_lines', false);
DI::config()->set('system', 'no_oembed', false);
DI::config()->set('system', 'allowed_link_protocols', []);
DI::config()->set('system', 'url', 'https://friendica.local');
DI::config()->set('system', 'no_smilies', false);