Commit Graph

46 Commits

Author SHA1 Message Date
hannes
884aeb4d2e common_purify() doesn't remove wordpress' and facebook's javascript properly, maybe better to keep the data intact, and do strip_tags or something similar when using the data 2016-01-26 01:10:15 +00:00
hannes
473f893d04 detab 2016-01-26 01:07:44 +00:00
hannes
76c8139054 not pretty, but gives us better oembed data for wordpress and facebook 2016-01-26 01:05:53 +00:00
mmn
44c10bb2aa Merge branch 'oembed_branch' into 'nightly'
purify oembed html and don't allow cdata

hopefully we never need stuff in cdata

reason for this is that this link serves javascript in its oembed data: https://www.maketecheasier.com/switch-windows-10-to-linux/

see:
https://www.maketecheasier.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fwww.maketecheasier.com%2Fswitch-windows-10-to-linux%2F

i don't feel we want that in our database.  

See merge request !79
2016-01-15 13:11:35 +00:00
Mikael Nordfeldth
0caf0612d0 Make Twitter Media upload API v1.1 reach us
Now we just have to accept the 'media' or 'media_data' (base64 encoded)
POST arguments instead of $_FILES uploads.
2016-01-14 18:29:21 +01:00
Mikael Nordfeldth
53339ff463 Fake oEmbed version in OpenGraph return object 2016-01-14 02:09:12 +01:00
Mikael Nordfeldth
24d9d76644 OpenGraph image/thumbnail width and height 2016-01-13 22:07:39 +01:00
hannes
ee305891c4 purify oembed html 2016-01-13 16:03:38 +00:00
Mikael Nordfeldth
3720e37f06 property attribute could be null in meta tags of course 2016-01-13 14:24:00 +01:00
Mikael Nordfeldth
3658774429 Super-basic OpenGraph image preview support, "works for me" 2016-01-12 15:29:03 +01:00
Mikael Nordfeldth
d4be5349b3 think I have managed to show oEmbed images better now 2016-01-07 17:35:37 +01:00
Mikael Nordfeldth
b596391fcd Avoid having to check for notices without rendered copies in upgrade.php
Always call the Notice->getRendered() function to get a rendered copy.
We could perhaps put some sanitation there too in the future
2016-01-06 15:32:27 +01:00
Mikael Nordfeldth
6772d991ae Only provide Notice oEmbed data for local notices 2015-12-31 01:55:18 +01:00
Mikael Nordfeldth
feb6b636f4 File_oembed varchar to text changes
No need to have text length limitations in the database for fields which
very well may be longer than what was previously set.
2015-12-27 12:11:29 +01:00
Mikael Nordfeldth
334a0d56e7 Oembed slimmed to only do discovery (soon we get og: discovery too) 2015-11-30 02:06:04 +01:00
Mikael Nordfeldth
b7edac2610 HTTPClient get $params array and oEmbedHelper uses it 2015-11-30 01:28:18 +01:00
Stephen Paul Weber
a9b1b60a97 Refactor on File::processNew
The code was so involved there was even a comment asking for a refactor.

Now, File_redirection::where always returns a nice File_redirection
object instead of an array or string or nothing.  The object is
either one which already existed or else a new, unsaved object.

Instead of duplicating "does it exist" checks everywhere, do it in
File_redirection::where.  You either get what exists or something to save.

An unsaved File_redirection may be paired with an unsaved File.
You will want to save the File first (using ->saveFile()) and put the
id in File_redirection#file_id before saving.
2015-11-02 05:15:08 +00:00
digital dreamer
d7fd6bac72 Snapshot of the Transifex translation project - October 2015 2015-10-04 18:23:01 +02:00
Mikael Nordfeldth
d52b7e3124 Oembed fiddling, nothing major 2015-10-01 22:18:33 +02:00
Mikael Nordfeldth
118a4f56ab Script to test remote oEmbed endpoints 2015-09-28 12:25:40 +02:00
Mikael Nordfeldth
8a002e98bc File-related functions not declared static 2015-06-07 10:01:28 +02:00
Mikael Nordfeldth
f094918cf6 Revert "Inverse logic error in OembedPlugin"
This reverts commit 9ab996d9e6.
2015-04-05 15:44:04 +02:00
Mikael Nordfeldth
4fc4f91b9e Allow oEmbed data from all sites by default 2015-04-03 21:00:19 +02:00
Mikael Nordfeldth
9ab996d9e6 Inverse logic error in OembedPlugin 2015-04-03 20:59:56 +02:00
Mikael Nordfeldth
3cf5fe8795 bad URL is a clientError 2015-04-03 20:58:12 +02:00
Mikael Nordfeldth
94d3f50aee oEmbed Action logic simplified (early return) 2015-04-03 20:47:08 +02:00
Mikael Nordfeldth
3dc30b6b8f oEmbed helper never finished because of "break 2;" 2015-04-03 20:11:55 +02:00
Mikael Nordfeldth
1e89540c3f Merge branch 'nightly', beginning of 1.2.x
Conflicts:
	plugins/APC/locale/APC.pot
	plugins/APC/locale/ast/LC_MESSAGES/APC.po
	plugins/APC/locale/be-tarask/LC_MESSAGES/APC.po
	plugins/APC/locale/br/LC_MESSAGES/APC.po
	plugins/APC/locale/de/LC_MESSAGES/APC.po
	plugins/APC/locale/es/LC_MESSAGES/APC.po
	plugins/APC/locale/eu/LC_MESSAGES/APC.po
	plugins/APC/locale/fr/LC_MESSAGES/APC.po
	plugins/APC/locale/gl/LC_MESSAGES/APC.po
	plugins/APC/locale/he/LC_MESSAGES/APC.po
	plugins/APC/locale/ia/LC_MESSAGES/APC.po
	plugins/APC/locale/id/LC_MESSAGES/APC.po
	plugins/APC/locale/it/LC_MESSAGES/APC.po
	plugins/APC/locale/mk/LC_MESSAGES/APC.po
	plugins/APC/locale/ms/LC_MESSAGES/APC.po
	plugins/APC/locale/nb/LC_MESSAGES/APC.po
	plugins/APC/locale/nl/LC_MESSAGES/APC.po
	plugins/APC/locale/pl/LC_MESSAGES/APC.po
	plugins/APC/locale/pt/LC_MESSAGES/APC.po
	plugins/APC/locale/pt_BR/LC_MESSAGES/APC.po
	plugins/APC/locale/ru/LC_MESSAGES/APC.po
	plugins/APC/locale/tl/LC_MESSAGES/APC.po
	plugins/APC/locale/uk/LC_MESSAGES/APC.po
	plugins/APC/locale/zh_CN/LC_MESSAGES/APC.po
	plugins/Adsense/locale/Adsense.pot
	plugins/Adsense/locale/be-tarask/LC_MESSAGES/Adsense.po
	plugins/Adsense/locale/br/LC_MESSAGES/Adsense.po
	plugins/Adsense/locale/ca/LC_MESSAGES/Adsense.po
	plugins/Adsense/locale/de/LC_MESSAGES/Adsense.po
	plugins/Adsense/locale/es/LC_MESSAGES/Adsense.po
	plugins/Adsense/locale/eu/LC_MESSAGES/Adsense.po
	plugins/Adsense/locale/fr/LC_MESSAGES/Adsense.po
	plugins/Adsense/locale/gl/LC_MESSAGES/Adsense.po
	plugins/Adsense/locale/he/LC_MESSAGES/Adsense.po
	plugins/Adsense/locale/ia/LC_MESSAGES/Adsense.po
	plugins/Adsense/locale/it/LC_MESSAGES/Adsense.po
	plugins/Adsense/locale/ja/LC_MESSAGES/Adsense.po
	plugins/Adsense/locale/ka/LC_MESSAGES/Adsense.po
	plugins/Adsense/locale/lb/LC_MESSAGES/Adsense.po
	plugins/Adsense/locale/lt/LC_MESSAGES/Adsense.po
	plugins/Adsense/locale/mk/LC_MESSAGES/Adsense.po
	plugins/Adsense/locale/ms/LC_MESSAGES/Adsense.po
	plugins/Adsense/locale/nb/LC_MESSAGES/Adsense.po
	plugins/Adsense/locale/nl/LC_MESSAGES/Adsense.po
	plugins/Adsense/locale/pl/LC_MESSAGES/Adsense.po
	plugins/Adsense/locale/pt/LC_MESSAGES/Adsense.po
	plugins/Adsense/locale/pt_BR/LC_MESSAGES/Adsense.po
	plugins/Adsense/locale/ru/LC_MESSAGES/Adsense.po
	plugins/Adsense/locale/sv/LC_MESSAGES/Adsense.po
	plugins/Adsense/locale/tl/LC_MESSAGES/Adsense.po
	plugins/Adsense/locale/tr/LC_MESSAGES/Adsense.po
	plugins/Adsense/locale/uk/LC_MESSAGES/Adsense.po
	plugins/Adsense/locale/zh_CN/LC_MESSAGES/Adsense.po
	plugins/Aim/locale/Aim.pot
	plugins/Aim/locale/af/LC_MESSAGES/Aim.po
	plugins/Aim/locale/ca/LC_MESSAGES/Aim.po
	plugins/Aim/locale/de/LC_MESSAGES/Aim.po
	plugins/Aim/locale/es/LC_MESSAGES/Aim.po
	plugins/Aim/locale/eu/LC_MESSAGES/Aim.po
	plugins/Aim/locale/fi/LC_MESSAGES/Aim.po
	plugins/Aim/locale/fr/LC_MESSAGES/Aim.po
	plugins/Aim/locale/gl/LC_MESSAGES/Aim.po
	plugins/Aim/locale/ia/LC_MESSAGES/Aim.po
	plugins/Aim/locale/it/LC_MESSAGES/Aim.po
	plugins/Aim/locale/mk/LC_MESSAGES/Aim.po
	plugins/Aim/locale/ms/LC_MESSAGES/Aim.po
	plugins/Aim/locale/nl/LC_MESSAGES/Aim.po
	plugins/Aim/locale/pl/LC_MESSAGES/Aim.po
	plugins/Aim/locale/pt/LC_MESSAGES/Aim.po
	plugins/Aim/locale/sv/LC_MESSAGES/Aim.po
	plugins/Aim/locale/tl/LC_MESSAGES/Aim.po
	plugins/Aim/locale/uk/LC_MESSAGES/Aim.po
	plugins/Blog/locale/Blog.pot
	plugins/Blog/locale/ar/LC_MESSAGES/Blog.po
	plugins/Blog/locale/br/LC_MESSAGES/Blog.po
	plugins/Blog/locale/ca/LC_MESSAGES/Blog.po
	plugins/Blog/locale/de/LC_MESSAGES/Blog.po
	plugins/Blog/locale/es/LC_MESSAGES/Blog.po
	plugins/Blog/locale/eu/LC_MESSAGES/Blog.po
	plugins/Blog/locale/fr/LC_MESSAGES/Blog.po
	plugins/Blog/locale/gl/LC_MESSAGES/Blog.po
	plugins/Blog/locale/ia/LC_MESSAGES/Blog.po
	plugins/Blog/locale/it/LC_MESSAGES/Blog.po
	plugins/Blog/locale/lt/LC_MESSAGES/Blog.po
	plugins/Blog/locale/mk/LC_MESSAGES/Blog.po
	plugins/Blog/locale/nl/LC_MESSAGES/Blog.po
	plugins/Blog/locale/tl/LC_MESSAGES/Blog.po
	plugins/Blog/locale/tr/LC_MESSAGES/Blog.po
	plugins/Irc/locale/Irc.pot
	plugins/Irc/locale/ca/LC_MESSAGES/Irc.po
	plugins/Irc/locale/de/LC_MESSAGES/Irc.po
	plugins/Irc/locale/es/LC_MESSAGES/Irc.po
	plugins/Irc/locale/eu/LC_MESSAGES/Irc.po
	plugins/Irc/locale/fi/LC_MESSAGES/Irc.po
	plugins/Irc/locale/fr/LC_MESSAGES/Irc.po
	plugins/Irc/locale/gl/LC_MESSAGES/Irc.po
	plugins/Irc/locale/ia/LC_MESSAGES/Irc.po
	plugins/Irc/locale/it/LC_MESSAGES/Irc.po
	plugins/Irc/locale/ja/LC_MESSAGES/Irc.po
	plugins/Irc/locale/mk/LC_MESSAGES/Irc.po
	plugins/Irc/locale/nl/LC_MESSAGES/Irc.po
	plugins/Irc/locale/sv/LC_MESSAGES/Irc.po
	plugins/Irc/locale/tl/LC_MESSAGES/Irc.po
	plugins/Irc/locale/tr/LC_MESSAGES/Irc.po
	plugins/Irc/locale/uk/LC_MESSAGES/Irc.po
	plugins/Spotify/locale/Spotify.pot
	plugins/Spotify/locale/de/LC_MESSAGES/Spotify.po
	plugins/Spotify/locale/es/LC_MESSAGES/Spotify.po
	plugins/Spotify/locale/fr/LC_MESSAGES/Spotify.po
	plugins/Spotify/locale/gl/LC_MESSAGES/Spotify.po
	plugins/Spotify/locale/he/LC_MESSAGES/Spotify.po
	plugins/Spotify/locale/ia/LC_MESSAGES/Spotify.po
	plugins/Spotify/locale/mk/LC_MESSAGES/Spotify.po
	plugins/Spotify/locale/nl/LC_MESSAGES/Spotify.po
	plugins/Spotify/locale/sv/LC_MESSAGES/Spotify.po
	plugins/Spotify/locale/tl/LC_MESSAGES/Spotify.po
	plugins/TinyMCE/locale/TinyMCE.pot
	plugins/TinyMCE/locale/ca/LC_MESSAGES/TinyMCE.po
	plugins/TinyMCE/locale/de/LC_MESSAGES/TinyMCE.po
	plugins/TinyMCE/locale/eo/LC_MESSAGES/TinyMCE.po
	plugins/TinyMCE/locale/es/LC_MESSAGES/TinyMCE.po
	plugins/TinyMCE/locale/fr/LC_MESSAGES/TinyMCE.po
	plugins/TinyMCE/locale/gl/LC_MESSAGES/TinyMCE.po
	plugins/TinyMCE/locale/he/LC_MESSAGES/TinyMCE.po
	plugins/TinyMCE/locale/ia/LC_MESSAGES/TinyMCE.po
	plugins/TinyMCE/locale/id/LC_MESSAGES/TinyMCE.po
	plugins/TinyMCE/locale/ja/LC_MESSAGES/TinyMCE.po
	plugins/TinyMCE/locale/mk/LC_MESSAGES/TinyMCE.po
	plugins/TinyMCE/locale/ms/LC_MESSAGES/TinyMCE.po
	plugins/TinyMCE/locale/nb/LC_MESSAGES/TinyMCE.po
	plugins/TinyMCE/locale/nl/LC_MESSAGES/TinyMCE.po
	plugins/TinyMCE/locale/pt/LC_MESSAGES/TinyMCE.po
	plugins/TinyMCE/locale/pt_BR/LC_MESSAGES/TinyMCE.po
	plugins/TinyMCE/locale/ru/LC_MESSAGES/TinyMCE.po
	plugins/TinyMCE/locale/tl/LC_MESSAGES/TinyMCE.po
	plugins/TinyMCE/locale/uk/LC_MESSAGES/TinyMCE.po
	plugins/XCache/locale/XCache.pot
	plugins/XCache/locale/ast/LC_MESSAGES/XCache.po
	plugins/XCache/locale/br/LC_MESSAGES/XCache.po
	plugins/XCache/locale/de/LC_MESSAGES/XCache.po
	plugins/XCache/locale/es/LC_MESSAGES/XCache.po
	plugins/XCache/locale/eu/LC_MESSAGES/XCache.po
	plugins/XCache/locale/fi/LC_MESSAGES/XCache.po
	plugins/XCache/locale/fr/LC_MESSAGES/XCache.po
	plugins/XCache/locale/gl/LC_MESSAGES/XCache.po
	plugins/XCache/locale/he/LC_MESSAGES/XCache.po
	plugins/XCache/locale/ia/LC_MESSAGES/XCache.po
	plugins/XCache/locale/id/LC_MESSAGES/XCache.po
	plugins/XCache/locale/mk/LC_MESSAGES/XCache.po
	plugins/XCache/locale/ms/LC_MESSAGES/XCache.po
	plugins/XCache/locale/nb/LC_MESSAGES/XCache.po
	plugins/XCache/locale/nl/LC_MESSAGES/XCache.po
	plugins/XCache/locale/pl/LC_MESSAGES/XCache.po
	plugins/XCache/locale/pt/LC_MESSAGES/XCache.po
	plugins/XCache/locale/pt_BR/LC_MESSAGES/XCache.po
	plugins/XCache/locale/ru/LC_MESSAGES/XCache.po
	plugins/XCache/locale/tl/LC_MESSAGES/XCache.po
	plugins/XCache/locale/tr/LC_MESSAGES/XCache.po
	plugins/XCache/locale/uk/LC_MESSAGES/XCache.po
	plugins/YammerImport/locale/YammerImport.pot
	plugins/YammerImport/locale/br/LC_MESSAGES/YammerImport.po
	plugins/YammerImport/locale/de/LC_MESSAGES/YammerImport.po
	plugins/YammerImport/locale/es/LC_MESSAGES/YammerImport.po
	plugins/YammerImport/locale/eu/LC_MESSAGES/YammerImport.po
	plugins/YammerImport/locale/fr/LC_MESSAGES/YammerImport.po
	plugins/YammerImport/locale/gl/LC_MESSAGES/YammerImport.po
	plugins/YammerImport/locale/ia/LC_MESSAGES/YammerImport.po
	plugins/YammerImport/locale/mk/LC_MESSAGES/YammerImport.po
	plugins/YammerImport/locale/ms/LC_MESSAGES/YammerImport.po
	plugins/YammerImport/locale/nl/LC_MESSAGES/YammerImport.po
	plugins/YammerImport/locale/pl/LC_MESSAGES/YammerImport.po
	plugins/YammerImport/locale/ru/LC_MESSAGES/YammerImport.po
	plugins/YammerImport/locale/tl/LC_MESSAGES/YammerImport.po
	plugins/YammerImport/locale/tr/LC_MESSAGES/YammerImport.po
	plugins/YammerImport/locale/uk/LC_MESSAGES/YammerImport.po
2015-03-09 11:01:17 +01:00
digital dreamer
a452a3b1a0 Snapshot of the Transifex translation project - February 2015 2015-03-08 09:34:38 +01:00
Mikael Nordfeldth
8fac7a9f6c StatusNet class renamed GNUsocial
also added backward compatible StatusNet class for the two calls I know
third party plugins use, isHTTPS and getActivePlugins
2015-02-27 12:44:15 +01:00
Mikael Nordfeldth
2f86cd8602 utf8mb4 conversion on database with index adjusts 2015-02-12 18:18:55 +01:00
Mikael Nordfeldth
000b7675d8 Vimeo oEmbed thumbnail host added to whitelist 2015-02-02 11:14:13 +01:00
Mikael Nordfeldth
acd36698b4 A bunch of clientError that were called as serverError
Calling serverError with a clientError status code (4xx) means it will
automatically default to Internal Server Error (500) which is in the
server error status code range (5xx). That is undesirable.
2015-01-29 23:35:49 +01:00
Mikael Nordfeldth
470971cf47 File_thumbnail uses file_id as PRI 2015-01-25 13:13:01 +01:00
Mikael Nordfeldth
12058c30b4 Managed_DataObject->updateWithKeys throws its own exception 2015-01-25 12:54:08 +01:00
Mikael Nordfeldth
0e0783ee8c Regexp for Oembed domain matching 2015-01-25 11:18:57 +01:00
Mikael Nordfeldth
85e644d647 Remote thumbnail fetching from trusted sources
So far we only trust i.ytimg.com for YouTube thumbnails, but you can
configure the Oembed plugin in config.php by setting the plugin's class vars:

   addPlugin('Oembed', array('param'=>'value', ...));

Some might think this is a security risk or privacy invasive, but as the Oembed
script is already calling remote sites to get information _about_ linked media,
the way to stop it is to disable the Oembed plugin. However it is not certain
it has been migrated out into a plugin properly yet. But try it if you want to.
2015-01-25 02:34:40 +01:00
Mikael Nordfeldth
999175d741 File_oembed::byFile to avoid littering with getKV 2015-01-25 02:32:04 +01:00
Mikael Nordfeldth
f5efbd8037 twitPic no longer exists/is active 2015-01-17 12:07:57 +01:00
Mikael Nordfeldth
092dfee1c6 spring cleaning in Oembed helper list
Fixed http -> https and removed some dead services
2015-01-17 12:06:08 +01:00
Mikael Nordfeldth
414a95a784 Initial move towards microformats2
No validation has been attempted yet. Lots of changes left. This
is visibly not (very) different from the previous CSS layout. But
some simplifications have been made.

Might cause issues with local changes to themes and CSS. Also maybe
javascript which depends on certain legacy microformats elements.

The move to microformats2 is motivated by the announcement that all
microformats should be migrated to version 2, as of 2014-06-20 at:
http://microformats.org/2014/06/20/microformats-org-turns-9-upgrade-to-microformats2
2014-06-22 17:11:04 +02:00
Mikael Nordfeldth
d7c40e77b2 Show more links work with AJAX-retrieved HTML
Attachment_ajaxAction has been removed since AttachmentAction handles
AJAX calls splendidly.
2014-05-19 00:56:21 +02:00
Mikael Nordfeldth
c93a5252c1 Don't show or preview text/html attachments
htmLawed cleans stuff out properly, but there's no very good way right
now to show text/html attachments, since everything gets jumbled up with
our own CSS etc. Best would be an iframe or just a new tab or so.
2014-05-18 23:11:49 +02:00
Mikael Nordfeldth
04b7194511 Notice->getUrl() for shares would throw exception in some feeds 2014-05-10 13:06:18 +02:00
Mikael Nordfeldth
d1755e4363 Bad variable reference in OembedPlugin 2014-05-06 23:43:02 +02:00
Mikael Nordfeldth
1776c90cb9 Moved oEmbed stuff out to a plugin (Oembed). 2014-05-06 23:32:13 +02:00