patch secure: b7c557f44e

2024-10-05 05:51:34 +09:00 · 2024-10-05 05:51:34 +09:00 · d34933149f
commit d34933149f
parent fe5342038d
1 changed files with 70 additions and 69 deletions
--- a/AvocadoEdition_Light/plugin/htmlpurifier/extend.video.php
+++ b/AvocadoEdition_Light/plugin/htmlpurifier/extend.video.php
@ -1,5 +1,6 @@
 <?php
-if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가
+if (!defined('_GNUBOARD_'))
+  exit; // 개별 페이지 접근 불가

 //https://stackoverflow.com/questions/4739284/htmlpurifier-iframe-vimeo-and-youtube-video
 /**
@ -7,74 +8,74 @@ if (!defined('_GNUBOARD_')) exit; // 개별 페이지 접근 불가
 * Iframe filter that does some primitive whitelisting in a somewhat recognizable and tweakable way
 */

-if( !class_exists('HTMLPurifier_Filter_Iframevideo') ){
-	class HTMLPurifier_Filter_Iframevideo extends HTMLPurifier_Filter
-	{
-		public $name = 'Iframevideo';
+if (!class_exists('HTMLPurifier_Filter_Iframevideo')) {
+  class HTMLPurifier_Filter_Iframevideo extends HTMLPurifier_Filter
+  {
+    public $name = 'Iframevideo';

-		/**
-		 *
-		 * @param string $html
-		 * @param HTMLPurifier_Config $config
-		 * @param HTMLPurifier_Context $context
-		 * @return string
-		 */
-		public function preFilter($html, $config, $context)
-		{
-			if (strstr($html, '<iframe')) {
-				$html = preg_replace_callback('/<iframe.*?src="https?:\/\/www\.youtube\.com\/embed\/([^"]*)[^>]*>(.*?)?\/iframe>/i', array($this, 'trust_url_match'), $html);
-				$html = preg_replace_callback('/<iframe.*?src="https?:\/\/player\.vimeo.com\/video\/([^"]*)[^>]*>(.*?)?\/iframe>/i', array($this, 'trust_url_match'), $html);
-                $html = preg_replace_callback('/<iframe.*?src="https?:\/\/www\.facebook.com\/plugins\/([^"]*)[^>]*>(.*?)?\/iframe>/i', array($this, 'trust_url_match'), $html);
-				//$html = preg_replace('#<iframe#i', '<img class="Iframevideo"', $html);
-				//$html = preg_replace('#</iframe>#i', '</img>', $html);
-			}
-			return $html;
-		}
+    /**
+     *
+     * @param string $html
+     * @param HTMLPurifier_Config $config
+     * @param HTMLPurifier_Context $context
+     * @return string
+     */
+    public function preFilter($html, $config, $context)
+    {
+      if (strstr($html, '<iframe')) {
+        $html = preg_replace_callback('/<iframe.*?src="https?:\/\/www\.youtube\.com\/embed\/([^"]*)[^>]*>(.*?)?\/iframe>/i', array($this, 'trust_url_match'), $html);
+        $html = preg_replace_callback('/<iframe.*?src="https?:\/\/player\.vimeo.com\/video\/([^"]*)[^>]*>(.*?)?\/iframe>/i', array($this, 'trust_url_match'), $html);
+        $html = preg_replace_callback('/<iframe.*?src="https?:\/\/www\.facebook.com\/plugins\/([^"]*)[^>]*>(.*?)?\/iframe>/i', array($this, 'trust_url_match'), $html);
+        //$html = preg_replace('#<iframe#i', '<img class="Iframevideo"', $html);
+        //$html = preg_replace('#</iframe>#i', '</img>', $html);
+      }
+      return $html;
+    }

-		public function trust_url_match($matches)
-		{
-			$str = $matches[0];
-			if( $matches[1] ){
-				$str = preg_replace('#<iframe#i', '<img class="Iframevideo"', $str);
-				$str = preg_replace('#</iframe>#i', '</img>', $str);
-			}
-			return $str;
-		}
-		/**
-		 *
-		 * @param string $html
-		 * @param HTMLPurifier_Config $config
-		 * @param HTMLPurifier_Context $context
-		 * @return string
-		 */
-		public function postFilter($html, $config, $context)
-		{
-			$post_regex = '#<img class="Iframevideo"([^>]+?)>#';
-			return preg_replace_callback($post_regex, array($this, 'postFilterCallback'), $html);
-		}
+    public function trust_url_match($matches)
+    {
+      $str = $matches[0];
+      if ($matches[1]) {
+        $str = preg_replace('#<iframe#i', '<img class="Iframevideo"', $str);
+        $str = preg_replace('#</iframe>#i', '</img>', $str);
+      }
+      return $str;
+    }
+    /**
+     *
+     * @param string $html
+     * @param HTMLPurifier_Config $config
+     * @param HTMLPurifier_Context $context
+     * @return string
+     */
+    public function postFilter($html, $config, $context)
+    {
+      $post_regex = '#<img class="Iframevideo"([^>]+?)>#';
+      return preg_replace_callback($post_regex, array($this, 'postFilterCallback'), $html);
+    }

-		/**
-		 *
-		 * @param array $matches
-		 * @return string
-		 */
-		protected function postFilterCallback($matches)
-		{
-			// Domain Whitelist
-			$youTubeMatch = preg_match('#src="https?://www\.youtube(-nocookie)?\.com/#i', $matches[1]);
-			$vimeoMatch = preg_match('#src="https?://player\.vimeo\.com/#i', $matches[1]);
-            $fackbookMatch = preg_match('#src="https?://www\.facebook\.com/#i', $matches[1]);
-			if ($youTubeMatch || $vimeoMatch || $fackbookMatch) {
-				$extra = ' frameborder="0"';
-				if ($youTubeMatch || $fackbookMatch) {
-					$extra .= ' allowfullscreen';
-				} elseif ($vimeoMatch) {
-					$extra .= ' webkitAllowFullScreen mozallowfullscreen allowFullScreen';
-				}
-				return '<iframe ' . $matches[1] . $extra . '></iframe>';
-			} else {
-				return '';
-			}
-		}
-	}
-}
+    /**
+     *
+     * @param array $matches
+     * @return string
+     */
+    protected function postFilterCallback($matches)
+    {
+      // Domain Whitelist
+      $youTubeMatch = preg_match('#src="https?://www\.youtube(-nocookie)?\.com/#i', $matches[1]);
+      $vimeoMatch = preg_match('#src="https?://player\.vimeo\.com/#i', $matches[1]);
+      $fackbookMatch = preg_match('#src="https?://www\.facebook\.com/#i', $matches[1]);
+      if ($youTubeMatch || $vimeoMatch || $fackbookMatch) {
+        $extra = ' frameborder="0"';
+        if ($youTubeMatch || $fackbookMatch) {
+          $extra .= ' allowfullscreen';
+        } elseif ($vimeoMatch) {
+          $extra .= ' webkitAllowFullScreen mozallowfullscreen allowFullScreen';
+        }
+        return '<iframe ' . $matches[1] . $extra . '></iframe>';
+      } else {
+        return '';
+      }
+    }
+  }
+}