diff options
Diffstat (limited to 'include/oembed.php')
| -rwxr-xr-x | include/oembed.php | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/include/oembed.php b/include/oembed.php index 57631b051..42a9881ed 100755 --- a/include/oembed.php +++ b/include/oembed.php @@ -164,8 +164,11 @@ function oembed_iframe($src,$width,$height) { $a = get_app(); + $sandbox = ((strpos($src,get_app()->get_hostname())) ? ' sandbox="allow-scripts" ' : ''); + $s = $a->get_baseurl()."/oembed/".base64url_encode($src); - return '<iframe height="' . $height . '" width="' . $width . '" src="' . $s . '" frameborder="no" >' . t('Embedded content') . '</iframe>'; + + return '<iframe ' . $sandbox . ' height="' . $height . '" width="' . $width . '" src="' . $s . '" frameborder="no" >' . t('Embedded content') . '</iframe>'; } |