aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFabio Comuni <fabrix.xm@gmail.com>2011-10-25 14:59:31 +0200
committerFabio Comuni <fabrix.xm@gmail.com>2011-10-25 14:59:31 +0200
commitafce790e56ba7cd4c5c049e7c3a9aac20846981e (patch)
tree648414c3420009049bdd2f5ebc22777a57adc199
parentae12074337c6f5465c8abab8b3205daeb8797a0b (diff)
downloadvolse-hubzilla-afce790e56ba7cd4c5c049e7c3a9aac20846981e.tar.gz
volse-hubzilla-afce790e56ba7cd4c5c049e7c3a9aac20846981e.tar.bz2
volse-hubzilla-afce790e56ba7cd4c5c049e7c3a9aac20846981e.zip
oembed: wrap in iframe only html from remote service
-rw-r--r--include/bbcode.php2
-rw-r--r--include/oembed.php12
-rw-r--r--js/webtoolkit.base64.js142
-rw-r--r--view/oembed_video.tpl2
4 files changed, 150 insertions, 8 deletions
diff --git a/include/bbcode.php b/include/bbcode.php
index e20b2478d..d7b64c0cf 100644
--- a/include/bbcode.php
+++ b/include/bbcode.php
@@ -19,7 +19,7 @@ function tryoembed($match){
if ($o->type=="error") return $match[0];
$html = oembed_format_object($o);
- return oembed_iframe($html,$o->width,$o->height);
+ return $html; //oembed_iframe($html,$o->width,$o->height);
}
diff --git a/include/oembed.php b/include/oembed.php
index 71b62b839..3e86627e4 100644
--- a/include/oembed.php
+++ b/include/oembed.php
@@ -4,7 +4,7 @@ function oembed_replacecb($matches){
$embedurl=$matches[1];
$j = oembed_fetch_url($embedurl);
$s = oembed_format_object($j);
- return oembed_iframe($s,$j->width,$j->height);
+ return $s;//oembed_iframe($s,$j->width,$j->height);
}
@@ -56,6 +56,7 @@ function oembed_fetch_url($embedurl){
function oembed_format_object($j){
$embedurl = $j->embedurl;
+ $jhtml = oembed_iframe($j->html,$j->width,$j->height );
$ret="<span class='oembed ".$j->type."'>";
switch ($j->type) {
case "video": {
@@ -68,14 +69,14 @@ function oembed_format_object($j){
$tpl=get_markup_template('oembed_video.tpl');
$ret.=replace_macros($tpl, array(
'$embedurl'=>$embedurl,
- '$escapedhtml'=>urlencode($j->html),
+ '$escapedhtml'=>base64_encode($jhtml),
'$tw'=>$tw,
'$th'=>$th,
'$turl'=>$j->thumbnail_url,
));
} else {
- $ret=$j->html;
+ $ret=$jhtml;
}
$ret.="<br>";
}; break;
@@ -88,12 +89,12 @@ function oembed_format_object($j){
}; break;
case "rich": {
// not so safe..
- $ret.= $j->html;
+ $ret.= $jhtml;
}; break;
}
// add link to source if not present in "rich" type
- if ( $j->type!='rich' || !strpos($ret,$embedurl) ){
+ if ( $j->type!='rich' || !strpos($j->html,$embedurl) ){
$embedlink = (isset($j->title))?$j->title:$embedurl;
$ret .= "<a href='$embedurl' rel='oembed'>$embedlink</a>";
if (isset($j->author_name)) $ret.=" by ".$j->author_name;
@@ -107,7 +108,6 @@ function oembed_format_object($j){
}
function oembed_iframe($src,$width,$height) {
-
if(! $width || strstr($width,'%'))
$width = '640';
if(! $height || strstr($height,'%'))
diff --git a/js/webtoolkit.base64.js b/js/webtoolkit.base64.js
new file mode 100644
index 000000000..5fa3c1ed7
--- /dev/null
+++ b/js/webtoolkit.base64.js
@@ -0,0 +1,142 @@
+/**
+*
+* Base64 encode / decode
+* http://www.webtoolkit.info/
+*
+**/
+
+var Base64 = {
+
+ // private property
+ _keyStr : "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",
+
+ // public method for encoding
+ encode : function (input) {
+ var output = "";
+ var chr1, chr2, chr3, enc1, enc2, enc3, enc4;
+ var i = 0;
+
+ input = Base64._utf8_encode(input);
+
+ while (i < input.length) {
+
+ chr1 = input.charCodeAt(i++);
+ chr2 = input.charCodeAt(i++);
+ chr3 = input.charCodeAt(i++);
+
+ enc1 = chr1 >> 2;
+ enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);
+ enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);
+ enc4 = chr3 & 63;
+
+ if (isNaN(chr2)) {
+ enc3 = enc4 = 64;
+ } else if (isNaN(chr3)) {
+ enc4 = 64;
+ }
+
+ output = output +
+ this._keyStr.charAt(enc1) + this._keyStr.charAt(enc2) +
+ this._keyStr.charAt(enc3) + this._keyStr.charAt(enc4);
+
+ }
+
+ return output;
+ },
+
+ // public method for decoding
+ decode : function (input) {
+ var output = "";
+ var chr1, chr2, chr3;
+ var enc1, enc2, enc3, enc4;
+ var i = 0;
+
+ input = input.replace(/[^A-Za-z0-9\+\/\=]/g, "");
+
+ while (i < input.length) {
+
+ enc1 = this._keyStr.indexOf(input.charAt(i++));
+ enc2 = this._keyStr.indexOf(input.charAt(i++));
+ enc3 = this._keyStr.indexOf(input.charAt(i++));
+ enc4 = this._keyStr.indexOf(input.charAt(i++));
+
+ chr1 = (enc1 << 2) | (enc2 >> 4);
+ chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);
+ chr3 = ((enc3 & 3) << 6) | enc4;
+
+ output = output + String.fromCharCode(chr1);
+
+ if (enc3 != 64) {
+ output = output + String.fromCharCode(chr2);
+ }
+ if (enc4 != 64) {
+ output = output + String.fromCharCode(chr3);
+ }
+
+ }
+
+ output = Base64._utf8_decode(output);
+
+ return output;
+
+ },
+
+ // private method for UTF-8 encoding
+ _utf8_encode : function (string) {
+ string = string.replace(/\r\n/g,"\n");
+ var utftext = "";
+
+ for (var n = 0; n < string.length; n++) {
+
+ var c = string.charCodeAt(n);
+
+ if (c < 128) {
+ utftext += String.fromCharCode(c);
+ }
+ else if((c > 127) && (c < 2048)) {
+ utftext += String.fromCharCode((c >> 6) | 192);
+ utftext += String.fromCharCode((c & 63) | 128);
+ }
+ else {
+ utftext += String.fromCharCode((c >> 12) | 224);
+ utftext += String.fromCharCode(((c >> 6) & 63) | 128);
+ utftext += String.fromCharCode((c & 63) | 128);
+ }
+
+ }
+
+ return utftext;
+ },
+
+ // private method for UTF-8 decoding
+ _utf8_decode : function (utftext) {
+ var string = "";
+ var i = 0;
+ var c = c1 = c2 = 0;
+
+ while ( i < utftext.length ) {
+
+ c = utftext.charCodeAt(i);
+
+ if (c < 128) {
+ string += String.fromCharCode(c);
+ i++;
+ }
+ else if((c > 191) && (c < 224)) {
+ c2 = utftext.charCodeAt(i+1);
+ string += String.fromCharCode(((c & 31) << 6) | (c2 & 63));
+ i += 2;
+ }
+ else {
+ c2 = utftext.charCodeAt(i+1);
+ c3 = utftext.charCodeAt(i+2);
+ string += String.fromCharCode(((c & 15) << 12) | ((c2 & 63) << 6) | (c3 & 63));
+ i += 3;
+ }
+
+ }
+
+ return string;
+ }
+
+}
diff --git a/view/oembed_video.tpl b/view/oembed_video.tpl
index 29b5149ba..5824d8d4e 100644
--- a/view/oembed_video.tpl
+++ b/view/oembed_video.tpl
@@ -1,4 +1,4 @@
-<a href='$embedurl' onclick='this.innerHTML=unescape("$escapedhtml").replace(/\+/g," "); return false;' style='float:left; margin: 1em; position: relative;'>
+<a href='$embedurl' onclick='this.innerHTML=Base64.decode("$escapedhtml"); return false;' style='float:left; margin: 1em; position: relative;'>
<img width='$tw' height='$th' src='$turl' >
<div style='position: absolute; top: 0px; left: 0px; width: $twpx; height: $thpx; background: url(images/icons/48/play.png) no-repeat center center;'></div>
</a>