aboutsummaryrefslogtreecommitdiffstats
path: root/include/oembed.php
diff options
context:
space:
mode:
Diffstat (limited to 'include/oembed.php')
-rwxr-xr-xinclude/oembed.php183
1 files changed, 126 insertions, 57 deletions
diff --git a/include/oembed.php b/include/oembed.php
index 3994af0fb..fe3a3c33c 100755
--- a/include/oembed.php
+++ b/include/oembed.php
@@ -1,69 +1,102 @@
<?php /** @file */
+
+
+use Zotlabs\Lib as Zlib;
+
function oembed_replacecb($matches){
$embedurl=$matches[1];
+ $result = oembed_action($embedurl);
+ if($result['action'] === 'block') {
+ return '<a href="' . $result['url'] . '">' . $result['url'] . '</a>';
+ }
+
+ $j = oembed_fetch_url($result['url']);
+ $s = oembed_format_object($j);
+ return $s;
+}
+
+
+function oembed_action($embedurl) {
+
+ $host = '';
+ $action = 'filter';
+
+ $embedurl = trim(str_replace('&amp;','&', $embedurl));
+
+ logger('oembed_action: ' . $embedurl, LOGGER_DEBUG, LOG_INFO);
+
+ if(strpos($embedurl,'http://') === 0) {
+ if(intval(get_config('system','embed_sslonly'))) {
+ $action = 'block';
+ }
+ }
// site white/black list
if(($x = get_config('system','embed_deny'))) {
- $l = explode("\n",$x);
- if($l) {
- foreach($l as $ll) {
- if(trim($ll) && strpos($embedurl,trim($ll)) !== false)
- return '<a href="' . $embedurl . '">' . $embedurl . '</a>';
+ if(($x) && (! is_array($x)))
+ $x = explode("\n",$x);
+ if($x) {
+ foreach($x as $ll) {
+ $t = trim($ll);
+ if(($t) && (strpos($embedurl,$t) !== false)) {
+ $action = 'block';
+ break;
+ }
}
}
}
+
+ $found = false;
+
if(($x = get_config('system','embed_allow'))) {
- $found = false;
- $l = explode("\n",$x);
- if($l) {
- foreach($l as $ll) {
- if(trim($ll) && strpos($embedurl,trim($ll)) !== false) {
+ if(($x) && (! is_array($x)))
+ $x = explode("\n",$x);
+ if($x) {
+ foreach($x as $ll) {
+ $t = trim($ll);
+ if(($t) && (strpos($embedurl,$t) !== false) && ($action !== 'block')) {
$found = true;
+ $action = 'allow';
break;
}
}
}
- if(! $found) {
- return '<a href="' . $embedurl . '">' . $embedurl . '</a>';
+ if((! $found) && ($action !== 'block')) {
+ $action = 'filter';
}
}
- // implements a personal embed white/black list for logged in members
+ // allow individual members to block something that wasn't blocked already.
+ // They cannot over-ride the site to allow or change the filtering on an
+ // embed that is not allowed by the site admin.
+
if(local_channel()) {
if(($x = get_pconfig(local_channel(),'system','embed_deny'))) {
- $l = explode("\n",$x);
- if($l) {
- foreach($l as $ll) {
- if(trim($ll) && strpos($embedurl,trim($ll)) !== false)
- return '<a href="' . $embedurl . '">' . $embedurl . '</a>';
- }
- }
- }
- if(($x = get_pconfig(local_channel(),'system','embed_allow'))) {
- $found = false;
- $l = explode("\n",$x);
- if($l) {
- foreach($l as $ll) {
- if(trim($ll) && strpos($embedurl,trim($ll)) !== false) {
- $found = true;
+ if(($x) && (! is_array($x)))
+ $x = explode("\n",$x);
+ if($x) {
+ foreach($x as $ll) {
+ $t = trim($ll);
+ if(($t) && (strpos($embedurl,$t) !== false)) {
+ $action = 'block';
break;
}
}
}
- if(! $found) {
- return '<a href="' . $embedurl . '">' . $embedurl . '</a>';
- }
}
}
- $j = oembed_fetch_url($embedurl);
- $s = oembed_format_object($j);
- return $s;
-}
+ $arr = array('url' => $embedurl, 'action' => $action);
+ call_hooks('oembed_action',$arr);
+
+ logger('action: ' . $arr['action'] . ' url: ' . $arr['url'], LOGGER_DEBUG,LOG_DEBUG);
+ return $arr;
+
+}
// if the url is embeddable with oembed, return the bbcode link.
@@ -79,42 +112,54 @@ function oembed_process($url) {
function oembed_fetch_url($embedurl){
- $a = get_app();
+ // These media files should now be caught in bbcode.php
+ // left here as a fallback in case this is called from another source
- $embedurl = str_replace('&amp;','&', $embedurl);
+ $noexts = array(".mp3",".mp4",".ogg",".ogv",".oga",".ogm",".webm",".opus");
-// logger('fetch: ' . $embedurl);
+ $result = oembed_action($embedurl);
- $txt = Cache::get(App::$videowidth . $embedurl);
+ $embedurl = $result['url'];
+ $action = $result['action'];
- if(strstr($txt,'youtu') && strstr(z_root(),'https:')) {
- $txt = str_replace('http:','https:',$txt);
+ foreach($noexts as $ext) {
+ if(strpos(strtolower($embedurl),$ext) !== false) {
+ $action = 'block';
+ }
}
- // These media files should now be caught in bbcode.php
- // left here as a fallback in case this is called from another source
+ $txt = null;
- $noexts = array("mp3","mp4","ogg","ogv","oga","ogm","webm","opus");
- $ext = pathinfo(strtolower($embedurl),PATHINFO_EXTENSION);
-
-
- if(is_null($txt)){
- $txt = "";
+ if($action !== 'block') {
+ $txt = Zlib\Cache::get('[' . App::$videowidth . '] ' . $embedurl);
+
+ if(strstr($txt,'youtu') && strstr(z_root(),'https:')) {
+ $txt = str_replace('http:','https:',$txt);
+ }
+ }
- if (in_array($ext, $noexts)) {
+ if(is_null($txt)) {
+
+ $txt = "";
+ $furl = $embedurl;
+ $zrl = false;
+
+ if(local_channel()) {
require_once('include/hubloc.php');
- $zrl = is_matrix_url($embedurl);
+ $zrl = is_matrix_url($furl);
if($zrl)
- $embedurl = zid($embedurl);
+ $furl = zid($furl);
}
- else {
+
+
+ if ($action !== 'block') {
// try oembed autodiscovery
$redirects = 0;
- $result = z_fetch_url($embedurl, false, $redirects, array('timeout' => 15, 'accept_content' => "text/*", 'novalidate' => true ));
+ $result = z_fetch_url($furl, false, $redirects, array('timeout' => 15, 'accept_content' => "text/*", 'novalidate' => true ));
if($result['success'])
$html_text = $result['body'];
- if($html_text){
+ if($html_text) {
$dom = @DOMDocument::loadHTML($html_text);
if ($dom){
$xpath = new DOMXPath($dom);
@@ -149,17 +194,41 @@ function oembed_fetch_url($embedurl){
}
$txt=trim($txt);
+
if ($txt[0]!="{") $txt='{"type":"error"}';
//save in cache
if(! get_config('system','oembed_cache_disable'))
- Cache::set(App::$videowidth . $embedurl,$txt);
+ Zlib\Cache::set('[' . App::$videowidth . '] ' . $embedurl,$txt);
}
$j = json_decode($txt);
+
+ if($action === 'filter') {
+ if($j->html) {
+ $orig = $j->html;
+ $allow_position = (($zrl) ? true : false);
+ $j->html = purify_html($j->html,$allow_position);
+ if($j->html != $orig) {
+ logger('oembed html was purified. original: ' . $orig . ' purified: ' . $j->html, LOGGER_DEBUG, LOG_INFO);
+ }
+
+ $orig_len = trim(mb_strlen($orig));
+ $new_len = trim(mb_strlen($j->html));
+ if(! $new_len)
+ $j->type = 'error';
+ elseif($orig_len) {
+ $ratio = $new_len / $orig_len;
+ if($ratio < 0.8)
+ $j->type = 'error';
+ }
+
+ }
+ }
+
$j->embedurl = $embedurl;
// logger('fetch return: ' . print_r($j,true));
@@ -170,7 +239,7 @@ function oembed_fetch_url($embedurl){
}
function oembed_format_object($j){
- $a = get_app();
+
$embedurl = $j->embedurl;
// logger('format: ' . print_r($j,true));