fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-05-10 12:32:14 +09:00
Code Issues Projects Releases Packages Wiki Activity

Fix #1712 merge iframe whitelist and object/embed whitelist

Browse source
This commit is contained in:
Kijin Sung 2021-06-19 20:59:36 +09:00
parent 6a4d3d912c
commit c35d17c47e
8 changed files with 217 additions and 244 deletions
Download patch file Download diff file Expand all files Collapse all files

3
common/defaults/config.php
View file

@ -116,8 +116,7 @@ return array(
'og_use_timestamps' => false, 'og_use_timestamps' => false,
), ),
'mediafilter' => array( 'mediafilter' => array(
'iframe' => array(), 'whitelist' => array(),
'object' => array(),
'classes' => array(), 'classes' => array(),
), ),
'security' => array( 'security' => array(

123
common/defaults/whitelist.php
View file

@ -7,78 +7,55 @@
*/ */
return array( return array(
/** // YouTube
* Allowed domains in <object> or <embed> tag 'www.youtube.com/',
*/ 'www.youtube-nocookie.com/',
'object' => array(
// YouTube
'www.youtube.com/',
'www.youtube-nocookie.com/',
// Daum
'flvs.daum.net/flvPlayer.swf',
'api.v.daum.net/',
'tvpot.daum.net/playlist/playlist.swf',
'videofarm.daum.net/',
// Naver
'serviceapi.nmv.naver.com/',
'scrap.ad.naver.com/',
'event.dn.naver.com/sbsplayer/vmplayer.xap',
'static.campaign.naver.com/',
'musicplayer.naver.com/naverPlayer/posting/',
'player.music.naver.com/naverPlayer/posting/',
// Mgoon
'play.mgoon.com/',
'doc.mgoon.com/player/',
// Pandora TV
'flvr.pandora.tv/flv2pan/',
'imgcdn.pandora.tv/gplayer/pandora_EGplayer.swf',
'imgcdn.pandora.tv/gplayer/flJal.swf',
// Tagstory
'play.tagstory.com/player/',
'www.tagstory.com/player/basic/',
// Cyworld
'dbi.video.cyworld.com/v.sk/',
// Egloos
'v.egloos.com/v.sk/',
// Nate
'v.nate.com/v.sk/',
'w.blogdoc.nate.com/',
'blogdoc.nate.com/flash/blogdoc_widget_reco.swf',
// KBS
'www.kbs.co.kr/zzim/vmplayer/vmplayer.xap',
'vmark.kbs.co.kr/zzim/vmplayer/vmplayer.xap',
// MBC
'onemore.imbc.com/ClientBin/oneplus.xap',
// SBS
'netv.sbs.co.kr/sbox/',
'news.sbs.co.kr/',
'wizard2.sbs.co.kr/',
'sbsplayer.sbs.co.kr/',
),
/** // Vimeo
* Allowed domains in <iframe> tag 'player.vimeo.com/',
*/
'iframe' => array( // Soundcloud
// YouTube 'w.soundcloud.com/',
'www.youtube.com/',
'www.youtube-nocookie.com/', // Google Maps
// Google Maps 'www.google.com/maps/embed',
'www.google.com/maps/embed', 'maps.google.com/',
'maps.google.com/', 'maps.google.co.kr/',
'maps.google.co.kr/',
// Daum TV Pot // Daum
'flvs.daum.net/', 'flvs.daum.net/',
'videofarm.daum.net/', 'videofarm.daum.net/',
// NAVER TVCAST 'api.v.daum.net/',
'serviceapi.rmcnmv.naver.com/', 'videofarm.daum.net/',
// SBS
'sbsplayer.sbs.co.kr/', // Naver
// Vimeo 'serviceapi.rmcnmv.naver.com/',
'player.vimeo.com/', 'serviceapi.nmv.naver.com/',
// Afreeca 'scrap.ad.naver.com/',
'afree.ca/', 'static.campaign.naver.com/',
// Soundcloud 'musicplayer.naver.com/naverPlayer/posting/',
'w.soundcloud.com/', 'player.music.naver.com/naverPlayer/posting/',
),
// Pandora TV
'www.pandora.tv/view/',
'flvr.pandora.tv/flv2pan/',
// Cyworld
'dbi.video.cyworld.com/v.sk/',
// Egloos
'v.egloos.com/v.sk/',
// Nate
'v.nate.com/v.sk/',
'w.blogdoc.nate.com/',
// SBS
'netv.sbs.co.kr/sbox/',
'news.sbs.co.kr/',
'wizard2.sbs.co.kr/',
'sbsplayer.sbs.co.kr/',
// Afreeca
'afree.ca/',
); );

4
common/framework/filters/htmlfilter.php
View file

@ -161,7 +161,7 @@ class HTMLFilter
$config->set('HTML.SafeEmbed', true); $config->set('HTML.SafeEmbed', true);
$config->set('HTML.SafeIframe', true); $config->set('HTML.SafeIframe', true);
$config->set('HTML.SafeObject', true); $config->set('HTML.SafeObject', true);
$config->set('URI.SafeIframeRegexp', MediaFilter::getIframeWhitelistRegex()); $config->set('URI.SafeIframeRegexp', MediaFilter::getWhitelistRegex());
// Set the serializer path. // Set the serializer path.
$config->set('Cache.SerializerPath', \RX_BASEDIR . 'files/cache/htmlpurifier'); $config->set('Cache.SerializerPath', \RX_BASEDIR . 'files/cache/htmlpurifier');
@ -457,7 +457,7 @@ class HTMLFilter
}, $content); }, $content);
// Remove object and embed URLs that are not allowed. // Remove object and embed URLs that are not allowed.
$whitelist = MediaFilter::getObjectWhitelistRegex(); $whitelist = MediaFilter::getWhitelistRegex();
$content = preg_replace_callback('!<(object|embed|param|audio|video|source|track)([^>]+)>!i', function($matches) use($whitelist) { $content = preg_replace_callback('!<(object|embed|param|audio|video|source|track)([^>]+)>!i', function($matches) use($whitelist) {
return preg_replace_callback('!([a-zA-Z0-9_-]+)="([^"]+)"!', function($attr) use($whitelist) { return preg_replace_callback('!([a-zA-Z0-9_-]+)="([^"]+)"!', function($attr) use($whitelist) {
if (in_array($attr[1], array('data', 'src', 'href', 'url', 'movie', 'source'))) if (in_array($attr[1], array('data', 'src', 'href', 'url', 'movie', 'source')))

235
common/framework/filters/mediafilter.php
View file

@ -12,8 +12,7 @@ class MediaFilter
/** /**
* Whitelists are cached here. * Whitelists are cached here.
*/ */
protected static $_iframe_whitelist; protected static $_whitelist = [];
protected static $_object_whitelist;
/** /**
* Add a prefix to the iframe whitelist. * Add a prefix to the iframe whitelist.
@ -22,22 +21,24 @@ class MediaFilter
* @parsm bool $permanently * @parsm bool $permanently
* @return void * @return void
*/ */
public static function addIframePrefix($prefix, $permanently = false) public static function addPrefix($prefix, $permanently = false)
{ {
if (!self::$_iframe_whitelist) if (!self::$_whitelist)
{ {
self::_loadWhitelists(); self::_loadWhitelists();
} }
$prefix = self::formatPrefix($prefix); $prefix = self::formatPrefix($prefix);
if (!in_array($prefix, self::$_iframe_whitelist)) if (!in_array($prefix, self::$_whitelist))
{ {
self::$_iframe_whitelist[] = $prefix; self::$_whitelist[] = $prefix;
natcasesort(self::$_iframe_whitelist); natcasesort(self::$_whitelist);
if ($permanently) if ($permanently)
{ {
Config::set('mediafilter.iframe', self::$_iframe_whitelist); Config::set('mediafilter.whitelist', self::$_whitelist);
Config::set('mediafilter.iframe', []);
Config::set('mediafilter.object', []);
Config::save(); Config::save();
} }
} }
@ -46,29 +47,21 @@ class MediaFilter
/** /**
* Add a prefix to the object whitelist. * Add a prefix to the object whitelist.
* *
* @param string $prefix * @deprecated
* @parsm bool $permanently
* @return void
*/ */
public static function addObjectPrefix($prefix, $permanently = false) public static function addIframePrefix($prefix, $permanently = false)
{
self::addPrefix($prefix, $permanently);
}
/**
* Add a prefix to the object whitelist.
*
* @deprecated
*/
public static function addObjectPrefix()
{ {
if (!self::$_object_whitelist)
{
self::_loadWhitelists();
}
$prefix = self::formatPrefix($prefix);
if (!in_array($prefix, self::$_object_whitelist))
{
self::$_object_whitelist[] = $prefix;
natcasesort(self::$_object_whitelist);
if ($permanently)
{
Config::set('mediafilter.object', self::$_object_whitelist);
Config::save();
}
}
} }
/** /**
@ -90,15 +83,15 @@ class MediaFilter
/** /**
* Get the iframe whitelist. * Get the iframe whitelist.
* *
* @return string * @return array
*/ */
public static function getIframeWhitelist() public static function getWhitelist()
{ {
if (!self::$_iframe_whitelist) if (!self::$_whitelist)
{ {
self::_loadWhitelists(); self::_loadWhitelists();
} }
return self::$_iframe_whitelist; return self::$_whitelist;
} }
/** /**
@ -106,47 +99,14 @@ class MediaFilter
* *
* @return string * @return string
*/ */
public static function getIframeWhitelistRegex() public static function getWhitelistRegex()
{ {
if (!self::$_iframe_whitelist) if (!self::$_whitelist)
{ {
self::_loadWhitelists(); self::_loadWhitelists();
} }
$result = array(); $result = array();
foreach(self::$_iframe_whitelist as $domain) foreach(self::$_whitelist as $domain)
{
$result[] = str_replace('\*\.', '[a-z0-9-]+\.', preg_quote($domain, '%'));
}
return '%^(?:https?:)?//(' . implode('|', $result) . ')%';
}
/**
* Get the object whitelist.
*
* @return string
*/
public static function getObjectWhitelist()
{
if (!self::$_object_whitelist)
{
self::_loadWhitelists();
}
return self::$_object_whitelist;
}
/**
* Get the object whitelist as a regular expression.
*
* @return string
*/
public static function getObjectWhitelistRegex()
{
if (!self::$_object_whitelist)
{
self::_loadWhitelists();
}
$result = array();
foreach(self::$_object_whitelist as $domain)
{ {
$result[] = str_replace('\*\.', '[a-z0-9-]+\.', preg_quote($domain, '%')); $result[] = str_replace('\*\.', '[a-z0-9-]+\.', preg_quote($domain, '%'));
} }
@ -159,20 +119,9 @@ class MediaFilter
* @param string $url * @param string $url
* @return bool * @return bool
*/ */
public static function matchIframeWhitelist($url) public static function matchWhitelist($url)
{ {
return preg_match(self::getIframeWhitelistRegex(), $url) ? true : false; return preg_match(self::getWhitelistRegex(), $url) ? true : false;
}
/**
* Check if a URL matches the iframe whitelist.
*
* @param string $url
* @return bool
*/
public static function matchObjectWhitelist($url)
{
return preg_match(self::getObjectWhitelistRegex(), $url) ? true : false;
} }
/** /**
@ -199,56 +148,132 @@ class MediaFilter
protected static function _loadWhitelists($custom_whitelist = array()) protected static function _loadWhitelists($custom_whitelist = array())
{ {
$default_whitelist = (include \RX_BASEDIR . 'common/defaults/whitelist.php'); $default_whitelist = (include \RX_BASEDIR . 'common/defaults/whitelist.php');
self::$_object_whitelist = array(); self::$_whitelist = [];
self::$_iframe_whitelist = array();
if(count($custom_whitelist)) if($custom_whitelist)
{ {
if(!is_array($custom_whitelist) || !isset($custom_whitelist['iframe']) || !isset($custom_whitelist['object'])) if(!is_array($custom_whitelist) || !isset($custom_whitelist['iframe']) || !isset($custom_whitelist['object']))
{ {
$whitelist = array( $custom_whitelist = array(
'iframe' => isset($whitelist->iframe) ? $whitelist->iframe : array(), 'iframe' => isset($custom_whitelist->iframe) ? $custom_whitelist->iframe : array(),
'object' => isset($whitelist->object) ? $whitelist->object : array(), 'object' => isset($custom_whitelist->object) ? $custom_whitelist->object : array(),
); );
} }
foreach ($custom_whitelist['iframe'] as $prefix) foreach ($custom_whitelist['iframe'] as $prefix)
{ {
self::$_iframe_whitelist[] = self::formatPrefix($prefix); self::$_whitelist[] = self::formatPrefix($prefix);
} }
foreach ($custom_whitelist['object'] as $prefix) foreach ($custom_whitelist['object'] as $prefix)
{ {
self::$_object_whitelist[] = self::formatPrefix($prefix); self::$_whitelist[] = self::formatPrefix($prefix);
} }
} }
else else
{ {
foreach ($default_whitelist['iframe'] as $prefix) foreach ($default_whitelist as $prefix)
{ {
self::$_iframe_whitelist[] = $prefix; self::$_whitelist[] = $prefix;
} }
foreach ($default_whitelist['object'] as $prefix) if ($whitelist = config('mediafilter.whitelist'))
{ {
self::$_object_whitelist[] = $prefix; foreach ($whitelist as $prefix)
}
if ($iframe_whitelist = config('mediafilter.iframe') ?: config('embedfilter.iframe'))
{
foreach ($iframe_whitelist as $prefix)
{ {
self::$_iframe_whitelist[] = self::formatPrefix($prefix); self::$_whitelist[] = self::formatPrefix($prefix);
} }
} }
if ($object_whitelist = config('mediafilter.object') ?: config('embedfilter.object')) else
{ {
foreach ($object_whitelist as $prefix) if ($whitelist = config('mediafilter.iframe') ?: config('embedfilter.iframe'))
{ {
self::$_object_whitelist[] = self::formatPrefix($prefix); foreach ($whitelist as $prefix)
{
self::$_whitelist[] = self::formatPrefix($prefix);
}
}
if ($whitelist = config('mediafilter.object') ?: config('embedfilter.object'))
{
foreach ($whitelist as $prefix)
{
self::$_whitelist[] = self::formatPrefix($prefix);
}
} }
} }
} }
self::$_object_whitelist = array_unique(self::$_object_whitelist); self::$_whitelist = array_unique(self::$_whitelist);
self::$_iframe_whitelist = array_unique(self::$_iframe_whitelist); natcasesort(self::$_whitelist);
natcasesort(self::$_object_whitelist); }
natcasesort(self::$_iframe_whitelist);
/**
* ========================== DEPRECATED METHODS ==========================
* ============== KEPT FOR COMPATIBILITY WITH OLDER VERSIONS ==============
*/
/**
* Get the iframe whitelist.
*
* @deprecated
* @return array
*/
public static function getIframeWhitelist()
{
return self::getWhitelist();
}
/**
* Get the iframe whitelist as a regular expression.
*
* @deprecated
* @return string
*/
public static function getIframeWhitelistRegex()
{
return self::getWhitelistRegex();
}
/**
* Check if a URL matches the iframe whitelist.
*
* @deprecated
* @param string $url
* @return bool
*/
public static function matchIframeWhitelist($url)
{
return self::matchWhitelist($url);
}
/**
* Get the object whitelist.
*
* @deprecated
* @return array
*/
public static function getObjectWhitelist()
{
return self::getWhitelist();
}
/**
* Get the object whitelist as a regular expression.
*
* @deprecated
* @return string
*/
public static function getObjectWhitelistRegex()
{
return self::getWhitelistRegex();
}
/**
* Check if a URL matches the iframe whitelist.
*
* @deprecated
* @param string $url
* @return bool
*/
public static function matchObjectWhitelist($url)
{
return self::matchWhitelist($url);
} }
} }

27
modules/admin/admin.admin.controller.php
View file

@ -702,27 +702,18 @@ class adminAdminController extends admin
{ {
$vars = Context::getRequestVars(); $vars = Context::getRequestVars();
// iframe filter // Media Filter iframe/embed whitelist
$iframe_whitelist = $vars->mediafilter_iframe; $whitelist = $vars->mediafilter_whitelist;
$iframe_whitelist = array_filter(array_map('trim', preg_split('/[\r\n]/', $iframe_whitelist)), function($item) { $whitelist = array_filter(array_map('trim', preg_split('/[\r\n]/', $whitelist)), function($item) {
return $item !== ''; return $item !== '';
}); });
$iframe_whitelist = array_unique(array_map(function($item) { $whitelist = array_unique(array_map(function($item) {
return Rhymix\Framework\Filters\MediaFilter::formatPrefix($item); return Rhymix\Framework\Filters\MediaFilter::formatPrefix($item);
}, $iframe_whitelist)); }, $whitelist));
natcasesort($iframe_whitelist); natcasesort($whitelist);
Rhymix\Framework\Config::set('mediafilter.iframe', array_values($iframe_whitelist)); Rhymix\Framework\Config::set('mediafilter.whitelist', array_values($whitelist));
Rhymix\Framework\Config::set('mediafilter.iframe', []);
// object filter Rhymix\Framework\Config::set('mediafilter.object', []);
$object_whitelist = $vars->mediafilter_object;
$object_whitelist = array_filter(array_map('trim', preg_split('/[\r\n]/', $object_whitelist)), function($item) {
return $item !== '';
});
$object_whitelist = array_unique(array_map(function($item) {
return Rhymix\Framework\Filters\MediaFilter::formatPrefix($item);
}, $object_whitelist));
natcasesort($object_whitelist);
Rhymix\Framework\Config::set('mediafilter.object', array_values($object_whitelist));
// HTML classes // HTML classes
$classes = $vars->mediafilter_classes; $classes = $vars->mediafilter_classes;

3
modules/admin/admin.admin.view.php
View file

@ -488,8 +488,7 @@ class adminAdminView extends admin
function dispAdminConfigSecurity() function dispAdminConfigSecurity()
{ {
// Load embed filter. // Load embed filter.
context::set('mediafilter_iframe', implode(PHP_EOL, Rhymix\Framework\Filters\MediaFilter::getIframeWhitelist())); context::set('mediafilter_whitelist', implode(PHP_EOL, Rhymix\Framework\Filters\MediaFilter::getWhitelist()));
context::set('mediafilter_object', implode(PHP_EOL, Rhymix\Framework\Filters\MediaFilter::getObjectWhitelist()));
context::set('mediafilter_classes', implode(PHP_EOL, Rhymix\Framework\Config::get('mediafilter.classes') ?: array())); context::set('mediafilter_classes', implode(PHP_EOL, Rhymix\Framework\Config::get('mediafilter.classes') ?: array()));
// Load robot user agents. // Load robot user agents.

10
modules/admin/tpl/config_security.html
View file

@ -11,15 +11,9 @@
<input type="hidden" name="act" value="procAdminUpdateSecurity" /> <input type="hidden" name="act" value="procAdminUpdateSecurity" />
<input type="hidden" name="xe_validator_id" value="modules/admin/tpl/config_security/1" /> <input type="hidden" name="xe_validator_id" value="modules/admin/tpl/config_security/1" />
<div class="x_control-group"> <div class="x_control-group">
<label class="x_control-label" for="mediafilter_iframe">iframe</label> <label class="x_control-label" for="mediafilter_whitelist">iframe/embed</label>
<div class="x_controls" style="margin-right:14px"> <div class="x_controls" style="margin-right:14px">
<textarea name="mediafilter_iframe" id="mediafilter_iframe" rows="8" style="width:100%;">{$mediafilter_iframe}</textarea> <textarea name="mediafilter_whitelist" id="mediafilter_whitelist" rows="8" style="width:100%;">{$mediafilter_whitelist}</textarea>
</div>
</div>
<div class="x_control-group">
<label class="x_control-label" for="mediafilter_object">object/embed</label>
<div class="x_controls" style="margin-right:14px">
<textarea name="mediafilter_object" id="mediafilter_object" rows="8" style="width:100%;">{$mediafilter_object}</textarea>
</div> </div>
</div> </div>
<div class="x_control-group"> <div class="x_control-group">

56
tests/unit/framework/filters/MediaFilterTest.php
View file

@ -4,48 +4,36 @@ class MediaFilterTest extends \Codeception\TestCase\Test
{ {
public function testWhitelists() public function testWhitelists()
{ {
// iframe whitelist as array. // whitelist as array.
$this->assertTrue(in_array('www.youtube.com/', Rhymix\Framework\Filters\MediaFilter::getWhitelist()));
$this->assertFalse(in_array('random-website.com/', Rhymix\Framework\Filters\MediaFilter::getWhitelist()));
// whitelist as regex.
$this->assertTrue(strpos(Rhymix\Framework\Filters\MediaFilter::getWhitelistRegex(), '|www\.youtube\.com/') !== false);
$this->assertFalse(strpos(Rhymix\Framework\Filters\MediaFilter::getWhitelistRegex(), 'www.youtube.com/') !== false);
// Match individual URL against whitelist.
$this->assertTrue(Rhymix\Framework\Filters\MediaFilter::matchWhitelist('https://www.youtube.com/v'));
$this->assertFalse(Rhymix\Framework\Filters\MediaFilter::matchWhitelist('http://www-youtube.com/v'));
// Match protocol-relative URLs.
$this->assertTrue(Rhymix\Framework\Filters\MediaFilter::matchWhitelist('//www.youtube.com/v'));
$this->assertFalse(Rhymix\Framework\Filters\MediaFilter::matchWhitelist('//www-youtube.com/v'));
// Check deprecated methods for compatibility.
$this->assertTrue(in_array('www.youtube.com/', Rhymix\Framework\Filters\MediaFilter::getIframeWhitelist())); $this->assertTrue(in_array('www.youtube.com/', Rhymix\Framework\Filters\MediaFilter::getIframeWhitelist()));
$this->assertFalse(in_array('random-website.com/', Rhymix\Framework\Filters\MediaFilter::getIframeWhitelist()));
// iframe whitelist as regex.
$this->assertTrue(strpos(Rhymix\Framework\Filters\MediaFilter::getIframeWhitelistRegex(), '|www\.youtube\.com/') !== false);
$this->assertFalse(strpos(Rhymix\Framework\Filters\MediaFilter::getIframeWhitelistRegex(), 'www.youtube.com/') !== false);
// Match individual URL against iframe whitelist.
$this->assertTrue(Rhymix\Framework\Filters\MediaFilter::matchIframeWhitelist('https://www.youtube.com/v'));
$this->assertFalse(Rhymix\Framework\Filters\MediaFilter::matchIframeWhitelist('http://www-youtube.com/v'));
// Match protocol-relative URLs.
$this->assertTrue(Rhymix\Framework\Filters\MediaFilter::matchIframeWhitelist('//www.youtube.com/v'));
$this->assertFalse(Rhymix\Framework\Filters\MediaFilter::matchIframeWhitelist('//www-youtube.com/v'));
// object whitelist as array.
$this->assertTrue(in_array('www.youtube.com/', Rhymix\Framework\Filters\MediaFilter::getObjectWhitelist()));
$this->assertFalse(in_array('random-website.com/', Rhymix\Framework\Filters\MediaFilter::getObjectWhitelist()));
// object whitelist as regex.
$this->assertTrue(strpos(Rhymix\Framework\Filters\MediaFilter::getObjectWhitelistRegex(), '|www\.youtube\.com/') !== false);
$this->assertFalse(strpos(Rhymix\Framework\Filters\MediaFilter::getObjectWhitelistRegex(), 'www.youtube.com/') !== false); $this->assertFalse(strpos(Rhymix\Framework\Filters\MediaFilter::getObjectWhitelistRegex(), 'www.youtube.com/') !== false);
$this->assertTrue(Rhymix\Framework\Filters\MediaFilter::matchIframeWhitelist('https://www.youtube.com/v'));
// Match individual URL against object whitelist.
$this->assertTrue(Rhymix\Framework\Filters\MediaFilter::matchObjectWhitelist('https://www.youtube.com/v'));
$this->assertFalse(Rhymix\Framework\Filters\MediaFilter::matchObjectWhitelist('http://www-youtube.com/v')); $this->assertFalse(Rhymix\Framework\Filters\MediaFilter::matchObjectWhitelist('http://www-youtube.com/v'));
$this->assertTrue(Rhymix\Framework\Filters\MediaFilter::matchIframeWhitelist('//www.youtube.com/v'));
// Match protocol-relative URLs.
$this->assertTrue(Rhymix\Framework\Filters\MediaFilter::matchObjectWhitelist('//www.youtube.com/v'));
$this->assertFalse(Rhymix\Framework\Filters\MediaFilter::matchObjectWhitelist('//www-youtube.com/v')); $this->assertFalse(Rhymix\Framework\Filters\MediaFilter::matchObjectWhitelist('//www-youtube.com/v'));
} }
public function testAddPrefix() public function testAddPrefix()
{ {
$this->assertFalse(Rhymix\Framework\Filters\MediaFilter::matchIframeWhitelist('http://some.custom.website.com/video.mp4')); $this->assertFalse(Rhymix\Framework\Filters\MediaFilter::matchWhitelist('http://some.custom.website.com/video.mp4'));
Rhymix\Framework\Filters\MediaFilter::addIframePrefix('*.custom.website.com/'); Rhymix\Framework\Filters\MediaFilter::addPrefix('*.custom.website.com/');
$this->assertTrue(Rhymix\Framework\Filters\MediaFilter::matchIframeWhitelist('http://some.custom.website.com/video.mp4')); $this->assertTrue(Rhymix\Framework\Filters\MediaFilter::matchWhitelist('http://some.custom.website.com/video.mp4'));
$this->assertFalse(Rhymix\Framework\Filters\MediaFilter::matchObjectWhitelist('http://some.custom.website.com/video.mp4'));
Rhymix\Framework\Filters\MediaFilter::addObjectPrefix('*.custom.website.com/');
$this->assertTrue(Rhymix\Framework\Filters\MediaFilter::matchObjectWhitelist('http://some.custom.website.com/video.mp4'));
} }
public function testRemoveEmbeddedMedia() public function testRemoveEmbeddedMedia()