fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-07 10:41:40 +09:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #33 from kijin/refactor/embed-filter-no-xml

Browse source 
Embed filter에서 XML 설정파일을 제거하고 https 주소 처리 개선
This commit is contained in:
Kijin Sung 2016-01-08 10:41:36 +09:00
commit 4dedd2508c
5 changed files with 1777 additions and 431 deletions
Download patch file Download diff file Expand all files Collapse all files

21
modules/admin/admin.admin.controller.php
View file

@ -549,17 +549,24 @@ class adminAdminController extends admin
$white_object = preg_replace("/[\r\n|\r|\n]+/", '|@|', $white_object);
$white_object = preg_replace("/[\s\'\"]+/", '', $white_object);
$white_object = explode('|@|', $white_object);
$white_object = array_unique($white_object);
$white_object = array_unique(array_map(function($item) {
return preg_match('@^https?://(.*)$@i', $item, $matches) ? $matches[1] : $item;
}, $white_object));
natcasesort($white_object);
$white_iframe = $vars->embed_white_iframe;
$white_iframe = preg_replace("/[\r\n|\r|\n]+/", '|@|', $white_iframe);
$white_iframe = preg_replace("/[\s\'\"]+/", '', $white_iframe);
$white_iframe = explode('|@|', $white_iframe);
$white_iframe = array_unique($white_iframe);
$white_iframe = array_unique(array_map(function($item) {
return preg_match('@^https?://(.*)$@i', $item, $matches) ? $matches[1] : $item;
}, $white_iframe));
natcasesort($white_iframe);
$whitelist = new stdClass;
$whitelist->object = $white_object;
$whitelist->iframe = $white_iframe;
$whitelist = array(
'object' => $white_object,
'iframe' => $white_iframe,
);
$db_info->embed_white_object = $white_object;
$db_info->embed_white_iframe = $white_iframe;
@ -570,10 +577,6 @@ class adminAdminController extends admin
return new Object(-1, 'msg_invalid_request');
}
require_once(_XE_PATH_ . 'classes/security/EmbedFilter.class.php');
$oEmbedFilter = EmbedFilter::getInstance();
$oEmbedFilter->_makeWhiteDomainList($whitelist);
if(!in_array(Context::getRequestMethod(), array('XMLRPC','JSON')))
{
$returnUrl = Context::get('success_return_url');

1
modules/admin/admin.admin.view.php
View file

@ -460,7 +460,6 @@ class adminAdminView extends admin
Context::set('htmlFooter', htmlspecialchars($config->htmlFooter));
// embed filter
require_once(_XE_PATH_ . 'classes/security/EmbedFilter.class.php');
$oEmbedFilter = EmbedFilter::getInstance();
context::set('embed_white_object', implode(PHP_EOL, $oEmbedFilter->whiteUrlList));
context::set('embed_white_iframe', implode(PHP_EOL, $oEmbedFilter->whiteIframeUrlList));