authorMario <mario@mariovavti.com>2022-06-03 08:51:54 +0000
committerMario <mario@mariovavti.com>2022-06-03 08:51:54 +0000
commit5e112b395ddb80b72891361b259b4d3fafa7efc2 (patch)
tree89a3b19ce22cea78d09b76b88ab20a1972ea63bd
parentd1a8e7813a5cd695f13339ab0c9cc19daf3f1d94 (diff)
oembed: implement a max oembed size which defaults to 1MB and do not try to oembed text previews
-rw-r--r--Zotlabs/Lib/Enotify.php2
-rw-r--r--Zotlabs/Widget/Messages.php2
-rw-r--r--Zotlabs/Widget/Notes.php2
-rw-r--r--include/oembed.php19
4 files changed, 22 insertions, 3 deletions
diff --git a/Zotlabs/Lib/Enotify.php b/Zotlabs/Lib/Enotify.php
index 59e4d9a4e..07c426960 100644
--- a/Zotlabs/Lib/Enotify.php
+++ b/Zotlabs/Lib/Enotify.php
@@ -860,7 +860,7 @@ class Enotify {
// convert this logic into a json array just like the system notifications
$who = (($item['verb'] === ACTIVITY_SHARE) ? 'owner' : 'author');
- $body = html2plain(bbcode($item['body'], ['drop_media']), 75, true);
+ $body = html2plain(bbcode($item['body'], ['drop_media' => true, 'tryoembed' => false]), 75, true);
if ($body) {
$body = htmlentities($body, ENT_QUOTES, 'UTF-8', false);
}
diff --git a/Zotlabs/Widget/Messages.php b/Zotlabs/Widget/Messages.php
index d045ae85b..3d9ed8955 100644
--- a/Zotlabs/Widget/Messages.php
+++ b/Zotlabs/Widget/Messages.php
@@ -113,7 +113,7 @@ class Messages {
}
if (!$summary) {
- $summary = html2plain(bbcode($item['body'], ['drop_media' => true]), 75, true);
+ $summary = html2plain(bbcode($item['body'], ['drop_media' => true, 'tryoembed' => false]), 75, true);
if ($summary) {
$summary = htmlentities($summary, ENT_QUOTES, 'UTF-8', false);
}
diff --git a/Zotlabs/Widget/Notes.php b/Zotlabs/Widget/Notes.php
index c9d08c6b7..836159edd 100644
--- a/Zotlabs/Widget/Notes.php
+++ b/Zotlabs/Widget/Notes.php
@@ -31,7 +31,7 @@ class Notes {
$o = replace_macros($tpl, array(
'$text' => $text,
- '$html' => bbcode($text),
+ '$html' => bbcode($text, ['tryoembed' => false]),
'$app' => ((isset($arr['app'])) ? true : false),
'$hidden' => ((isset($arr['hidden'])) ? true : false),
'$strings' => [
diff --git a/include/oembed.php b/include/oembed.php
index 36938c577..bcf5d525c 100644
--- a/include/oembed.php
+++ b/include/oembed.php
@@ -164,6 +164,25 @@ function oembed_fetch_url($embedurl){
$txt = EMPTY_STR;
if ($action !== 'block') {
+ $max_oembed_size = get_config('system', 'oembed_max_size', 1 * 1024 * 1024 /* 1MB */);
+
+ stream_context_set_default(
+ [
+ 'http' => [
+ 'method' => 'HEAD',
+ 'timeout' => 5
+ ]
+ ]
+ );
+
+ $headers = get_headers($furl, true);
+
+ if (isset($headers['Content-Length']) && $headers['Content-Length'] > $max_oembed_size) {
+ $action = 'block';
+ }
+ }
+
+ if ($action !== 'block') {
// try oembed autodiscovery
$redirects = 0;
$result = z_fetch_url($furl, false, $redirects,
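Review bot: `stream_context_set_default()` in the added block rewrites the process-wide default HTTP context, so every later stream-wrapper request in the same PHP process that does not supply its own context is sent as a HEAD with a 5-second timeout; build a local context with `stream_context_create()` and pass it as the third argument of `get_headers()` instead. The `Content-Length` test is also fragile: with `get_headers($furl, true)` a redirect chain yields an array of values, which PHP compares as greater than any integer and therefore always blocks, and a server that sends the header name in lowercase is never checked. Because the header is only what the remote server declares (and may be absent), the cap is advisory unless the body read in `z_fetch_url()` is limited as well, which is outside this hunk. The probe also reaches `$furl` through PHP's stream wrapper rather than `z_fetch_url()`, so any destination or TLS policy applied there presumably does not cover it, which is worth confirming. `oembed_fetch_url()` starts and ends outside the hunk.

```php
$max_oembed_size = get_config('system', 'oembed_max_size', 1 * 1024 * 1024 /* 1MB */);

// Request-local context: the process-wide default stream context stays untouched.
$head_ctx = stream_context_create([
	'http' => [
		'method' => 'HEAD',
		'timeout' => 5
	]
]);

$headers = get_headers($furl, true, $head_ctx);
// Header names arrive as the server sent them; normalise before the lookup.
$headers = is_array($headers) ? array_change_key_case($headers, CASE_LOWER) : [];

// After redirects there is one value per response; the last belongs to the final resource.
$length = $headers['content-length'] ?? null;
if (is_array($length)) {
	$length = end($length);
}

if (is_numeric($length) && (int) $length > $max_oembed_size) {
	$action = 'block';
}
// … unchanged: closing brace and the oembed autodiscovery branch …
```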