diff options
author | zotlabs <mike@macgirvin.com> | 2016-12-19 15:38:42 -0800 |
---|---|---|
committer | zotlabs <mike@macgirvin.com> | 2016-12-19 15:38:42 -0800 |
commit | 1798ebd39524354a6955e871ce231c908f5bd0cc (patch) | |
tree | 4c88dacb3898693922cea00ece5f5b34c8977156 | |
parent | b1f4ea62061e57c02fc46d2cc185da49d9dbeb1c (diff) | |
download | volse-hubzilla-1798ebd39524354a6955e871ce231c908f5bd0cc.tar.gz volse-hubzilla-1798ebd39524354a6955e871ce231c908f5bd0cc.tar.bz2 volse-hubzilla-1798ebd39524354a6955e871ce231c908f5bd0cc.zip |
improve oembed cache security
-rwxr-xr-x | include/oembed.php | 15 |
1 files changed, 5 insertions, 10 deletions
diff --git a/include/oembed.php b/include/oembed.php index eb7b76437..36395cfbc 100755 --- a/include/oembed.php +++ b/include/oembed.php @@ -104,7 +104,7 @@ function oembed_action($embedurl) { function oembed_process($url) { $j = oembed_fetch_url($url); - logger('oembed_process: ' . print_r($j,true)); + logger('oembed_process: ' . print_r($j,true), LOGGER_DATA, LOG_DEBUG); if($j && $j['type'] !== 'error') return '[embed]' . $url . '[/embed]'; return false; @@ -135,19 +135,15 @@ function oembed_fetch_url($embedurl){ // we should try to cache this and avoid a lookup on each render $zrl = is_matrix_url($embedurl); + $furl = ((local_channel() && $zrl) ? zid($embedurl) : $embedurl); + if($action !== 'block') { - $txt = Zlib\Cache::get('[' . App::$videowidth . '] ' . $embedurl); + $txt = Zlib\Cache::get('[' . App::$videowidth . '] ' . $furl); } if(is_null($txt)) { $txt = ""; - $furl = $embedurl; - - logger('local_channel: ' . local_channel()); - - if(local_channel() && $zrl) - $furl = zid($furl); if ($action !== 'block') { // try oembed autodiscovery @@ -206,11 +202,10 @@ function oembed_fetch_url($embedurl){ //save in cache if(! get_config('system','oembed_cache_disable')) - Zlib\Cache::set('[' . App::$videowidth . '] ' . $embedurl,$txt); + Zlib\Cache::set('[' . App::$videowidth . '] ' . $furl, $txt); } - $j = json_decode($txt,true); if(! $j) |