diff options
| -rwxr-xr-x | include/oembed.php | 13 | ||||
| -rw-r--r-- | mod/oembed.php | 5 |
2 files changed, 9 insertions, 9 deletions
diff --git a/include/oembed.php b/include/oembed.php index 8ce0fee96..e08b287d1 100755 --- a/include/oembed.php +++ b/include/oembed.php @@ -92,7 +92,8 @@ function oembed_fetch_url($embedurl){ function oembed_format_object($j){ $a = get_app(); $embedurl = $j->embedurl; - $jhtml = oembed_iframe($j->embedurl,(isset($j->width) ? $j->width : null), (isset($j->height) ? $j->height : null) ); + + $jhtml = oembed_iframe($j->embedurl,(isset($j->width) ? $j->width : null), (isset($j->height) ? $j->height : null)); $ret="<span class='oembed ".$j->type."'>"; switch ($j->type) { @@ -127,7 +128,6 @@ function oembed_format_object($j){ }; break; case "photo": { $ret.= "<img width='".$j->width."' src='".$j->url."'>"; - //$ret.= "<img width='".$j->width."' height='".$j->height."' src='".$j->url."'>"; $ret.="<br>"; }; break; case "link": { @@ -163,13 +163,12 @@ function oembed_iframe($src,$width,$height) { $height = intval($height) + 80; $width = intval($width) + 40; - $a = get_app(); - - $sandbox = ((strpos($src,get_app()->get_hostname())) ? ' sandbox="allow-scripts" ' : ''); + $s = z_root() . '/oembed/' . base64url_encode($src); - $s = $a->get_baseurl()."/oembed/".base64url_encode($src); + // Make sure any children are sandboxed within their own iframe. - return '<iframe ' . $sandbox . ' height="' . $height . '" width="' . $width . '" src="' . $s . '" frameborder="no" >' . t('Embedded content') . '</iframe>'; + return '<iframe height="' . $height . '" width="' . $width . '" src="' . $s . '" frameborder="no" >' + . t('Embedded content') . '</iframe>'; } diff --git a/mod/oembed.php b/mod/oembed.php index a053a8c98..d4a4424f5 100644 --- a/mod/oembed.php +++ b/mod/oembed.php @@ -19,9 +19,10 @@ function oembed_init(&$a){ else { echo "<html><body>"; - $j = oembed_fetch_url(base64url_decode(argv(1))); + $src = base64url_decode(argv(1)); + $j = oembed_fetch_url($src); echo $j->html; -// logger('mod-oembed ' . $j->html, LOGGER_ALL); +// logger('mod-oembed ' . $h, LOGGER_ALL); echo "</body></html>"; } } |