mirror of
https://github.com/Lastorder-DC/rhymix.git
synced 2026-04-17 09:24:17 +09:00
Always format media filter prefixes in exactly the same way
This commit is contained in:
Kijin Sung
parent
6944b64643
commit
251b43cd00
2 changed files with 24 additions and 8 deletions
|
|
@ -27,7 +27,7 @@ class MediaFilter
|
|||
self::_loadWhitelists();
|
||||
}
|
||||
|
||||
$prefix = preg_match('@^https?://(.*)$@i', $prefix, $matches) ? $matches[1] : $prefix;
|
||||
$prefix = self::formatPrefix($prefix);
|
||||
if (!in_array($prefix, self::$_iframe_whitelist))
|
||||
{
|
||||
self::$_iframe_whitelist[] = $prefix;
|
||||
|
|
@ -55,7 +55,7 @@ class MediaFilter
|
|||
self::_loadWhitelists();
|
||||
}
|
||||
|
||||
$prefix = preg_match('@^https?://(.*)$@i', $prefix, $matches) ? $matches[1] : $prefix;
|
||||
$prefix = self::formatPrefix($prefix);
|
||||
if (!in_array($prefix, self::$_object_whitelist))
|
||||
{
|
||||
self::$_object_whitelist[] = $prefix;
|
||||
|
|
@ -69,6 +69,22 @@ class MediaFilter
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Format a prefix for standardization.
|
||||
*
|
||||
* @param string $prefix
|
||||
* @return string
|
||||
*/
|
||||
public static function formatPrefix($prefix)
|
||||
{
|
||||
$prefix = preg_match('@^https?://(.*)$@i', $prefix, $matches) ? $matches[1] : $prefix;
|
||||
if (strpos($prefix, '/') === false)
|
||||
{
|
||||
$prefix .= '/';
|
||||
}
|
||||
return $prefix;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the iframe whitelist.
|
||||
*
|
||||
|
|
@ -195,11 +211,11 @@ class MediaFilter
|
|||
}
|
||||
foreach ($custom_whitelist['iframe'] as $prefix)
|
||||
{
|
||||
self::$_iframe_whitelist[] = preg_match('@^https?://(.*)$@i', $prefix, $matches) ? $matches[1] : $prefix;
|
||||
self::$_iframe_whitelist[] = self::formatPrefix($prefix);
|
||||
}
|
||||
foreach ($custom_whitelist['object'] as $prefix)
|
||||
{
|
||||
self::$_object_whitelist[] = preg_match('@^https?://(.*)$@i', $prefix, $matches) ? $matches[1] : $prefix;
|
||||
self::$_object_whitelist[] = self::formatPrefix($prefix);
|
||||
}
|
||||
}
|
||||
else
|
||||
|
|
@ -216,14 +232,14 @@ class MediaFilter
|
|||
{
|
||||
foreach ($iframe_whitelist as $prefix)
|
||||
{
|
||||
self::$_iframe_whitelist[] = preg_match('@^https?://(.*)$@i', $prefix, $matches) ? $matches[1] : $prefix;
|
||||
self::$_iframe_whitelist[] = self::formatPrefix($prefix);
|
||||
}
|
||||
}
|
||||
if ($object_whitelist = config('mediafilter.object') ?: config('embedfilter.object'))
|
||||
{
|
||||
foreach ($object_whitelist as $prefix)
|
||||
{
|
||||
self::$_object_whitelist[] = preg_match('@^https?://(.*)$@i', $prefix, $matches) ? $matches[1] : $prefix;
|
||||
self::$_object_whitelist[] = self::formatPrefix($prefix);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -561,7 +561,7 @@ class adminAdminController extends admin
|
|||
return $item !== '';
|
||||
});
|
||||
$iframe_whitelist = array_unique(array_map(function($item) {
|
||||
return preg_match('@^https?://(.*)$@i', $item, $matches) ? $matches[1] : $item;
|
||||
return Rhymix\Framework\Security\MediaFilter::formatPrefix($item);
|
||||
}, $iframe_whitelist));
|
||||
natcasesort($iframe_whitelist);
|
||||
Rhymix\Framework\Config::set('mediafilter.iframe', array_values($iframe_whitelist));
|
||||
|
|
@ -572,7 +572,7 @@ class adminAdminController extends admin
|
|||
return $item !== '';
|
||||
});
|
||||
$object_whitelist = array_unique(array_map(function($item) {
|
||||
return preg_match('@^https?://(.*)$@i', $item, $matches) ? $matches[1] : $item;
|
||||
return Rhymix\Framework\Security\MediaFilter::formatPrefix($item);
|
||||
}, $object_whitelist));
|
||||
natcasesort($object_whitelist);
|
||||
Rhymix\Framework\Config::set('mediafilter.object', array_values($object_whitelist));
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue