Changeset 31584

Timestamp:

02/27/2015 10:05:51 PM (10 years ago)

Author:

azaozz

Message:

PressThis: when there is a protocol mismatch (http vs. https), use server-side media detection instead of submitting a form as it triggers "Unsafe data" warning in some browsers. Props stephdau. Fixes #31468.

Location:

trunk/src/wp-admin/js

Files:

• bookmarklet.js (modified) (3 diffs)
• bookmarklet.min.js (modified) (1 diff)

trunk/src/wp-admin/js/bookmarklet.js

@@ -1 +1 @@
 ( function( window, document, href, pt_url ) {
-    var encodeURI = window.encodeURIComponent,
+    var encURI = window.encodeURIComponent,
         form = document.createElement( 'form' ),
         head = document.getElementsByTagName( 'head' )[0],
         img = new Image(),
         target = '_press_this_app',
+        canPost = true,
         windowWidth, windowHeight,
         metas, links, content, imgs, ifrs,
-        vid, selection;
+        vid, selection, newWin;
 
     if ( ! pt_url ) {
+        return;
+    }
+
+    if ( href.match( /^https?:/ ) ) {
+        pt_url += '&u=' + encURI( href );
+        if ( href.match( /^https:/ ) && pt_url.match( /^http:/ ) ) {
+            canPost = false;
+        }
+    } else {
+        top.location.href = pt_url;
         return;
     }
@@ -23 +34 @@
     pt_url += ( pt_url.indexOf( '?' ) > -1 ? '&' : '?' ) + 'buster=' + ( new Date().getTime() );
 
-    if ( document.title.length && document.title.length <= 512 ) {
-        pt_url += '&t=' + encodeURI( document.title );
+    if ( document.title.length && ( document.title.length <= 256 || ! canPost ) ) {
+        pt_url += '&t=' + encURI( document.title.substr( 0, 256 ) );
     }
 
-    if ( selection && selection.length <= 512 ) {
-        pt_url += '&s=' + encodeURI( selection );
+    if ( selection && ( selection.length <= 512 || ! canPost ) ) {
+        pt_url += '&s=' + encURI( selection.substr( 0, 512 ) );
     }
 
-    if ( href.match( /^https?:/ ) ) {
-        pt_url += '&u=' + encodeURI( href );
-    } else {
-        top.location.href = pt_url;
+    windowWidth  = window.outerWidth || document.documentElement.clientWidth || 600;
+    windowHeight = window.outerHeight || document.documentElement.clientHeight || 700;
+
+    windowWidth = ( windowWidth < 800 || windowWidth > 5000 ) ? 600 : ( windowWidth * 0.7 );
+    windowHeight = ( windowHeight < 800 || windowHeight > 3000 ) ? 700 : ( windowHeight * 0.9 );
+
+    if ( ! canPost ) {
+        newWin = window.open( pt_url, target, 'location,resizable,scrollbars,width=' + windowWidth + ',height=' + windowHeight );
+        newWin.focus();
         return;
     }
@@ -174 +190 @@
     form.setAttribute( 'style', 'display: none;' );
 
-    windowWidth  = window.outerWidth || document.documentElement.clientWidth || 600;
-    windowHeight = window.outerHeight || document.documentElement.clientHeight || 700;
-
-    windowWidth = ( windowWidth < 800 || windowWidth > 5000 ) ? 600 : ( windowWidth * 0.7 );
-    windowHeight = ( windowHeight < 800 || windowHeight > 3000 ) ? 700 : ( windowHeight * 0.9 );
-
-    window.open( 'about:blank', target, 'location,resizable,scrollbars,width=' + windowWidth + ',height=' + windowHeight );
+    newWin = window.open( 'about:blank', target, 'location,resizable,scrollbars,width=' + windowWidth + ',height=' + windowHeight );
 
     document.body.appendChild( form );
+    form.submit();
 
-    form.submit();
+    newWin.focus();
 } )( window, document, top.location.href, window.pt_url );

trunk/src/wp-admin/js/bookmarklet.min.js

@@ -1 @@
-(function(a,b,c,d){function e(a,c){if("undefined"!=typeof c){var d=b.createElement("input");d.name=a,d.value=c,d.type="hidden",p.appendChild(d)}}var f,g,h,i,j,k,l,m,n,o=a.encodeURIComponent,p=b.createElement("form"),q=b.getElementsByTagName("head")[0],r=new Image,s="_press_this_app";if(d){if(a.getSelection?n=a.getSelection()+"":b.getSelection?n=b.getSelection()+"":b.selection&&(n=b.selection.createRange().text),d+=(d.indexOf("?")>-1?"&":"?")+"buster="+(new Date).getTime(),b.title.length&&b.title.length<=512&&(d+="&t="+o(b.title)),n&&n.length<=512&&(d+="&s="+o(n)),!c.match(/^https?:/))return void(top.location.href=d);d+="&u="+o(c),c.match(/\/\/www\.youtube\.com\/watch/)?e("_embed[]",c):c.match(/\/\/vimeo\.com\/(.+\/)?([\d]+)$/)?e("_embed[]",c):c.match(/\/\/(www\.)?dailymotion\.com\/video\/.+$/)?e("_embed[]",c):c.match(/\/\/soundcloud\.com\/.+$/)?e("_embed[]",c):c.match(/\/\/twitter\.com\/[^\/]+\/status\/[\d]+$/)?e("_embed[]",c):c.match(/\/\/vine\.co\/v\/[^\/]+/)&&e("_embed[]",c),h=q.getElementsByTagName("meta")||[];for(var t=0;t<h.length&&!(t>=50);t++){var u=h[t],v=u.getAttribute("name"),w=u.getAttribute("property"),x=u.getAttribute("content");v?e("_meta["+v+"]",x):w&&e("_meta["+w+"]",x)}i=q.getElementsByTagName("link")||[];for(var y=0;y<i.length&&!(y>=50);y++){var z=i[y],A=z.getAttribute("rel");if(A)switch(A){case"canonical":case"icon":case"shortlink":e("_links["+A+"]",z.getAttribute("href"));break;case"alternate":"application/json+oembed"===z.getAttribute("type")?e("_links["+A+"]",z.getAttribute("href")):"handheld"===z.getAttribute("media")&&e("_links["+A+"]",z.getAttribute("href"))}}b.body.getElementsByClassName&&(j=b.body.getElementsByClassName("hfeed")[0]),j=b.getElementById("content")||j||b.body,k=j.getElementsByTagName("img")||[];for(var B=0;B<k.length&&!(B>=100);B++)k[B].src.indexOf("avatar")>-1||k[B].className.indexOf("avatar")>-1||(r.src=k[B].src,r.width>=256&&r.height>=128&&e("_img[]",r.src));l=b.body.getElementsByTagName("iframe")||[];for(var C=0;C<l.length&&!(C>=100);C++)m=l[C].src.match(/\/\/www\.youtube\.com\/embed\/([^\?]+)\?.+$/),m&&2===m.length&&e("_embed[]","https://www.youtube.com/watch?v="+m[1]),m=l[C].src.match(/\/\/player\.vimeo\.com\/video\/([\d]+)$/),m&&2===m.length&&e("_embed[]","https://vimeo.com/"+m[1]),m=l[C].src.match(/\/\/vine\.co\/v\/([^\/]+)\/embed/),m&&2===m.length&&e("_embed[]","https://vine.co/v/"+m[1]);b.title&&b.title>512&&e("t",b.title),n&&n.length>512&&e("s",n),p.setAttribute("method","POST"),p.setAttribute("action",d),p.setAttribute("target",s),p.setAttribute("style","display: none;"),f=a.outerWidth||b.documentElement.clientWidth||600,g=a.outerHeight||b.documentElement.clientHeight||700,f=800>f||f>5e3?600:.7*f,g=800>g||g>3e3?700:.9*g,a.open("about:blank",s,"location,resizable,scrollbars,width="+f+",height="+g),b.body.appendChild(p),p.submit()}})(window,document,top.location.href,window.pt_url);
+(function(a,b,c,d){function e(a,c){if("undefined"!=typeof c){var d=b.createElement("input");d.name=a,d.value=c,d.type="hidden",q.appendChild(d)}}var f,g,h,i,j,k,l,m,n,o,p=a.encodeURIComponent,q=b.createElement("form"),r=b.getElementsByTagName("head")[0],s=new Image,t="_press_this_app",u=!0;if(d){if(!c.match(/^https?:/))return void(top.location.href=d);if(d+="&u="+p(c),c.match(/^https:/)&&d.match(/^http:/)&&(u=!1),a.getSelection?n=a.getSelection()+"":b.getSelection?n=b.getSelection()+"":b.selection&&(n=b.selection.createRange().text),d+=(d.indexOf("?")>-1?"&":"?")+"buster="+(new Date).getTime(),b.title.length&&(b.title.length<=256||!u)&&(d+="&t="+p(b.title.substr(0,256))),n&&(n.length<=512||!u)&&(d+="&s="+p(n.substr(0,512))),f=a.outerWidth||b.documentElement.clientWidth||600,g=a.outerHeight||b.documentElement.clientHeight||700,f=800>f||f>5e3?600:.7*f,g=800>g||g>3e3?700:.9*g,!u)return o=a.open(d,t,"location,resizable,scrollbars,width="+f+",height="+g),void o.focus();c.match(/\/\/www\.youtube\.com\/watch/)?e("_embed[]",c):c.match(/\/\/vimeo\.com\/(.+\/)?([\d]+)$/)?e("_embed[]",c):c.match(/\/\/(www\.)?dailymotion\.com\/video\/.+$/)?e("_embed[]",c):c.match(/\/\/soundcloud\.com\/.+$/)?e("_embed[]",c):c.match(/\/\/twitter\.com\/[^\/]+\/status\/[\d]+$/)?e("_embed[]",c):c.match(/\/\/vine\.co\/v\/[^\/]+/)&&e("_embed[]",c),h=r.getElementsByTagName("meta")||[];for(var v=0;v<h.length&&!(v>=50);v++){var w=h[v],x=w.getAttribute("name"),y=w.getAttribute("property"),z=w.getAttribute("content");x?e("_meta["+x+"]",z):y&&e("_meta["+y+"]",z)}i=r.getElementsByTagName("link")||[];for(var A=0;A<i.length&&!(A>=50);A++){var B=i[A],C=B.getAttribute("rel");if(C)switch(C){case"canonical":case"icon":case"shortlink":e("_links["+C+"]",B.getAttribute("href"));break;case"alternate":"application/json+oembed"===B.getAttribute("type")?e("_links["+C+"]",B.getAttribute("href")):"handheld"===B.getAttribute("media")&&e("_links["+C+"]",B.getAttribute("href"))}}b.body.getElementsByClassName&&(j=b.body.getElementsByClassName("hfeed")[0]),j=b.getElementById("content")||j||b.body,k=j.getElementsByTagName("img")||[];for(var D=0;D<k.length&&!(D>=100);D++)k[D].src.indexOf("avatar")>-1||k[D].className.indexOf("avatar")>-1||(s.src=k[D].src,s.width>=256&&s.height>=128&&e("_img[]",s.src));l=b.body.getElementsByTagName("iframe")||[];for(var E=0;E<l.length&&!(E>=100);E++)m=l[E].src.match(/\/\/www\.youtube\.com\/embed\/([^\?]+)\?.+$/),m&&2===m.length&&e("_embed[]","https://www.youtube.com/watch?v="+m[1]),m=l[E].src.match(/\/\/player\.vimeo\.com\/video\/([\d]+)$/),m&&2===m.length&&e("_embed[]","https://vimeo.com/"+m[1]),m=l[E].src.match(/\/\/vine\.co\/v\/([^\/]+)\/embed/),m&&2===m.length&&e("_embed[]","https://vine.co/v/"+m[1]);b.title&&b.title>512&&e("t",b.title),n&&n.length>512&&e("s",n),q.setAttribute("method","POST"),q.setAttribute("action",d),q.setAttribute("target",t),q.setAttribute("style","display: none;"),o=a.open("about:blank",t,"location,resizable,scrollbars,width="+f+",height="+g),b.body.appendChild(q),q.submit(),o.focus()}})(window,document,top.location.href,window.pt_url);