diff options
| author | Friendika <info@friendika.com> | 2011-10-24 20:10:46 -0700 |
|---|---|---|
| committer | Friendika <info@friendika.com> | 2011-10-24 20:10:46 -0700 |
| commit | 1a7badb40518538c79ecff6186eb3d996734760e (patch) | |
| tree | b0f2ca367e78d3835cfecd4f7b0c641c789477d7 /include/oembed.php | |
| parent | 790c4a4e1a583b9e8ad909f8d562a62c8d700ad5 (diff) | |
| download | volse-hubzilla-1a7badb40518538c79ecff6186eb3d996734760e.tar.gz volse-hubzilla-1a7badb40518538c79ecff6186eb3d996734760e.tar.bz2 volse-hubzilla-1a7badb40518538c79ecff6186eb3d996734760e.zip | |
use iframe for oembed - untrusted content
Diffstat (limited to 'include/oembed.php')
| -rw-r--r-- | include/oembed.php | 23 |
1 files changed, 22 insertions, 1 deletions
diff --git a/include/oembed.php b/include/oembed.php index 924e61289..71b62b839 100644 --- a/include/oembed.php +++ b/include/oembed.php @@ -1,8 +1,12 @@ <?php function oembed_replacecb($matches){ + logger('oembedcb'); $embedurl=$matches[1]; $j = oembed_fetch_url($embedurl); - return oembed_format_object($j); + $s = oembed_format_object($j); + return oembed_iframe($s,$j->width,$j->height); + + } @@ -102,6 +106,23 @@ function oembed_format_object($j){ return mb_convert_encoding($ret, 'HTML-ENTITIES', mb_detect_encoding($ret)); } +function oembed_iframe($src,$width,$height) { + + if(! $width || strstr($width,'%')) + $width = '640'; + if(! $height || strstr($height,'%')) + $height = '300'; + // try and leave some room for the description line. + $height = intval($height) + 80; + $width = intval($width) + 40; + + $s = 'data:text/html;base64,' . base64_encode('<html><body>' . $src . '</body></html>'); + return '<iframe height="' . $height . '" width="' . $width . '" src="' . $s . '" frameborder="no" >' . t('Embedded content') . '</iframe>'; + +} + + + function oembed_bbcode2html($text){ $stopoembed = get_config("system","no_oembed"); if ($stopoembed == true){ |