Changeset 35437
- Timestamp:
- 10/29/2015 11:10:46 PM (9 years ago)
- Location:
- trunk
- Files:
-
- 4 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-includes/default-filters.php
r35436 r35437 166 166 add_filter( 'the_content_rss', 'ent2ncr', 8 ); 167 167 add_filter( 'the_content_feed', 'wp_staticize_emoji' ); 168 add_filter( 'the_content_feed', '_oembed_filter_feed_content' ); 168 169 add_filter( 'the_excerpt_rss', 'convert_chars' ); 169 170 add_filter( 'the_excerpt_rss', 'ent2ncr', 8 ); -
trunk/src/wp-includes/embed-functions.php
r35436 r35437 462 462 $embed_url = get_post_embed_url( $post ); 463 463 464 $output = "<script type='text/javascript'>\n"; 464 $output = '<blockquote><a href="' . get_permalink( $post ) . '">' . get_the_title( $post ) . "</a></blockquote>\n"; 465 466 $output .= "<script type='text/javascript'>\n"; 465 467 $output .= "<!--//--><![CDATA[//><!--\n"; 466 468 if ( SCRIPT_DEBUG ) { … … 753 755 754 756 $allowed_html = array( 755 'iframe' => array( 757 'a' => array( 758 'href' => true, 759 ), 760 'blockquote' => array(), 761 'iframe' => array( 756 762 'src' => true, 757 763 'width' => true, … … 767 773 768 774 $html = wp_kses( $result, $allowed_html ); 769 preg_match( '|^.*(<iframe.*?></iframe>).*$|m', $html, $iframes ); 770 771 if ( empty( $iframes ) ) { 775 776 preg_match( '|(<blockquote>.*?</blockquote>)?.*(<iframe.*?></iframe>)|ms', $html, $content ); 777 // We require at least the iframe to exist. 778 if ( empty( $content[2] ) ) { 772 779 return false; 773 780 } 774 775 $html = str_replace( '<iframe', '<iframe sandbox="allow-scripts" security="restricted"', $iframes[1] ); 781 $html = $content[1] . $content[2]; 782 783 if ( ! empty( $content[1] ) ) { 784 // We have a blockquote to fall back on. Hide the iframe by default. 785 $html = str_replace( '<iframe', '<iframe style="display:none;"', $html ); 786 } 787 788 $html = str_replace( '<iframe', '<iframe sandbox="allow-scripts" security="restricted"', $html ); 776 789 777 790 preg_match( '/ src=[\'"]([^\'"]*)[\'"]/', $html, $results ); … … 783 796 784 797 $html = str_replace( $results[0], " src=\"$url\" data-secret=\"$secret\"", $html ); 798 $html = str_replace( '<blockquote', "<blockquote data-secret=\"$secret\"", $html ); 785 799 } 786 800 … … 911 925 <?php 912 926 } 927 928 /** 929 * Prepare the oembed HTML to be displayed in an RSS feed. 930 * 931 * @since 4.4.0 932 * @access private 933 * 934 * @param string $content The content to filter. 935 * @return string The filtered content. 936 */ 937 function _oembed_filter_feed_content( $content ) { 938 return str_replace( '<iframe sandbox="allow-scripts" security="restricted" style="display:none;"', '<iframe sandbox="allow-scripts" security="restricted"', $content ); 939 } -
trunk/src/wp-includes/js/wp-embed.js
r35235 r35437 14 14 } 15 15 16 var iframes = document.querySelectorAll( '.wp-embedded-content[data-secret="' + data.secret + '"]' ); 16 var iframes = document.querySelectorAll( 'iframe[data-secret="' + data.secret + '"]' ), 17 blockquotes = document.querySelectorAll( 'blockquote[data-secret="' + data.secret + '"]' ), 18 i, source, height, sourceURL, targetURL; 17 19 18 for ( var i = 0; i < iframes.length; i++ ) { 19 var source = iframes[ i ]; 20 for ( i = 0; i < blockquotes.length; i++ ) { 21 blockquotes[ i ].style.display = 'none'; 22 } 23 24 for ( i = 0; i < iframes.length; i++ ) { 25 source = iframes[ i ]; 26 27 source.style.display = ''; 20 28 21 29 /* Resize the iframe on request. */ 22 30 if ( 'height' === data.message ) { 23 varheight = data.value;31 height = data.value; 24 32 if ( height > 1000 ) { 25 33 height = 1000; … … 33 41 /* Link to a specific URL on request. */ 34 42 if ( 'link' === data.message ) { 35 var sourceURL = document.createElement( 'a' ), targetURL = document.createElement( 'a' ); 43 sourceURL = document.createElement( 'a' ); 44 targetURL = document.createElement( 'a' ); 45 36 46 sourceURL.href = source.getAttribute( 'src' ); 37 47 targetURL.href = data.value; … … 49 59 function onLoad() { 50 60 var isIE10 = -1 !== navigator.appVersion.indexOf( 'MSIE 10' ), 51 isIE11 = !!navigator.userAgent.match( /Trident.*rv\:11\./ ); 61 isIE11 = !!navigator.userAgent.match( /Trident.*rv\:11\./ ), 62 iframes, iframeClone, i; 52 63 53 64 /* Remove security attribute from iframes in IE10 and IE11. */ 54 65 if ( isIE10 || isIE11 ) { 55 var iframes = document.querySelectorAll( '.wp-embedded-content[security]' ), iframeClone;66 iframes = document.querySelectorAll( '.wp-embedded-content[security]' ); 56 67 57 for ( vari = 0; i < iframes.length; i++ ) {68 for ( i = 0; i < iframes.length; i++ ) { 58 69 iframeClone = iframes[ i ].cloneNode( true ); 59 70 iframeClone.removeAttribute( 'security' ); -
trunk/tests/phpunit/tests/oembed/filterResult.php
r34903 r35437 79 79 $this->assertFalse( wp_filter_oembed_result( '', (object) array( 'type' => 'rich' ), '' ) ); 80 80 } 81 82 function test_filter_oembed_result_blockquote_adds_style_to_iframe() { 83 $html = '<blockquote></blockquote><iframe></iframe>'; 84 $actual = wp_filter_oembed_result( $html, (object) array( 'type' => 'rich' ), '' ); 85 86 $this->assertEquals( '<blockquote></blockquote><iframe sandbox="allow-scripts" security="restricted" style="display:none;"></iframe>', $actual ); 87 } 88 89 function test_filter_oembed_result_allowed_html() { 90 $html = '<blockquote><strong><a href="" target=""></a></strong></blockquote><iframe></iframe>'; 91 $actual = wp_filter_oembed_result( $html, (object) array( 'type' => 'rich' ), '' ); 92 93 $this->assertEquals( '<blockquote><a href=""></a></blockquote><iframe sandbox="allow-scripts" security="restricted" style="display:none;"></iframe>', $actual ); 94 } 81 95 }
Note: See TracChangeset
for help on using the changeset viewer.