Merge commit 'refs/merge-requests/362' of git://gitorious.org/noosfero/noosfero …

…into merge-requests/362

Merge commit 'refs/merge-requests/362' of git://gitorious.org/noosfero/noosfero …
…into merge-requests/362
Rodrigo Souto
2 parents 52c6001c e28dc32c
Showing 4 changed files with 18 additions and 4 deletions Show diff stats
app/views/shared/tiny_mce.rhtml
config/environment.rb
public/stylesheets/application.css
test/unit/tiny_mce_article_test.rb
@@ -70,7 +70,7 @@ tinyMCE.init({
   paste_insert_word_content_callback : "convertWord",
   paste_use_dialog: false,
   apply_source_formatting : true,
-  extended_valid_elements : "applet[style|archive|codebase|code|height|width],comment,iframe[src|style|allowtransparency|frameborder|width|height|scrolling],embed[title|src|type|height|width]",
+  extended_valid_elements : "applet[style|archive|codebase|code|height|width],comment,iframe[src|style|allowtransparency|frameborder|width|height|scrolling],embed[title|src|type|height|width],audio[controls|autoplay],video[controls|autoplay],source[src|type]",
   content_css: '/stylesheets/tinymce.css,<%= macro_css_files %>',
   language: <%= tinymce_language.inspect %>,
   entity_encoding: 'raw',
@@ -85,10 +85,10 @@ Rails::Initializer.run do |config|
   }
  
   # Adds custom attributes to the Set of allowed html attributes for the #sanitize helper
-  config.action_view.sanitized_allowed_attributes = 'align', 'border', 'alt', 'vspace', 'hspace', 'width', 'heigth', 'value', 'type', 'data', 'style', 'target', 'codebase', 'archive', 'classid', 'code', 'flashvars', 'scrolling', 'frameborder'
+  config.action_view.sanitized_allowed_attributes = 'align', 'border', 'alt', 'vspace', 'hspace', 'width', 'heigth', 'value', 'type', 'data', 'style', 'target', 'codebase', 'archive', 'classid', 'code', 'flashvars', 'scrolling', 'frameborder', 'controls', 'autoplay'
  
    # Adds custom tags to the Set of allowed html tags for the #sanitize helper
-  config.action_view.sanitized_allowed_tags = 'object', 'embed', 'param', 'table', 'tr', 'th', 'td', 'applet', 'comment', 'iframe'
+  config.action_view.sanitized_allowed_tags = 'object', 'embed', 'param', 'table', 'tr', 'th', 'td', 'applet', 'comment', 'iframe', 'audio', 'video', 'source'
  
   # See Rails::Configuration for more options
  
@@ -1414,7 +1414,9 @@ a.comment-picture {
   display: inline;
 }
 #content #boxes .box-1 .article-block img,
-#content #article .article-body img {
+#content #article .article-body img,
+#content #article .article-body video,
+#content #article .article-body audio {
   max-width: 100%;
   height: auto;
 }
@@ -224,4 +224,16 @@ end
     assert TinyMceArticle.new.tiny_mce?
   end
  
+  should 'not sanitize html5 audio tag on body' do
+    article = TinyMceArticle.create!(:name => 'html5 audio', :body => "Audio: <audio controls='controls'><source src='http://example.ogg' type='audio/ogg' />Audio not playing?.</audio>", :profile => profile)
+    assert_tag_in_string article.body, :tag => 'audio', :attributes => {:controls => 'controls'}
+    assert_tag_in_string article.body, :tag => 'source', :attributes => {:src => 'http://example.ogg', :type => 'audio/ogg'}
+  end
+
+  should 'not sanitize html5 video tag on body' do
+    article = TinyMceArticle.create!(:name => 'html5 video', :body => "Video: <video controls='controls' autoplay='autoplay'><source src='http://example.ogv' type='video/ogg' />Video not playing?</video>", :profile => profile)
+    assert_tag_in_string article.body, :tag => 'video', :attributes => {:controls => 'controls', :autoplay => 'autoplay'}
+    assert_tag_in_string article.body, :tag => 'source', :attributes => {:src => 'http://example.ogv', :type => 'video/ogg'}
+  end
+
 end
...	...	@@ -70,7 +70,7 @@ tinyMCE.init({
70	70	paste_insert_word_content_callback : "convertWord",
71	71	paste_use_dialog: false,
72	72	apply_source_formatting : true,
73		- extended_valid_elements : "applet[style\|archive\|codebase\|code\|height\|width],comment,iframe[src\|style\|allowtransparency\|frameborder\|width\|height\|scrolling],embed[title\|src\|type\|height\|width]",
	73	+ extended_valid_elements : "applet[style\|archive\|codebase\|code\|height\|width],comment,iframe[src\|style\|allowtransparency\|frameborder\|width\|height\|scrolling],embed[title\|src\|type\|height\|width],audio[controls\|autoplay],video[controls\|autoplay],source[src\|type]",
74	74	content_css: '/stylesheets/tinymce.css,<%= macro_css_files %>',
75	75	language: <%= tinymce_language.inspect %>,
76	76	entity_encoding: 'raw',
...	...
...	...	@@ -85,10 +85,10 @@ Rails::Initializer.run do \|config\|
85	85	}
86	86
87	87	# Adds custom attributes to the Set of allowed html attributes for the #sanitize helper
88		- config.action_view.sanitized_allowed_attributes = 'align', 'border', 'alt', 'vspace', 'hspace', 'width', 'heigth', 'value', 'type', 'data', 'style', 'target', 'codebase', 'archive', 'classid', 'code', 'flashvars', 'scrolling', 'frameborder'
	88	+ config.action_view.sanitized_allowed_attributes = 'align', 'border', 'alt', 'vspace', 'hspace', 'width', 'heigth', 'value', 'type', 'data', 'style', 'target', 'codebase', 'archive', 'classid', 'code', 'flashvars', 'scrolling', 'frameborder', 'controls', 'autoplay'
89	89
90	90	# Adds custom tags to the Set of allowed html tags for the #sanitize helper
91		- config.action_view.sanitized_allowed_tags = 'object', 'embed', 'param', 'table', 'tr', 'th', 'td', 'applet', 'comment', 'iframe'
	91	+ config.action_view.sanitized_allowed_tags = 'object', 'embed', 'param', 'table', 'tr', 'th', 'td', 'applet', 'comment', 'iframe', 'audio', 'video', 'source'
92	92
93	93	# See Rails::Configuration for more options
94	94
...	...
...	...	@@ -1414,7 +1414,9 @@ a.comment-picture {
1414	1414	display: inline;
1415	1415	}
1416	1416	#content #boxes .box-1 .article-block img,
1417		-#content #article .article-body img {
	1417	+#content #article .article-body img,
	1418	+#content #article .article-body video,
	1419	+#content #article .article-body audio {
1418	1420	max-width: 100%;
1419	1421	height: auto;
1420	1422	}
...	...
...	...	@@ -224,4 +224,16 @@ end
224	224	assert TinyMceArticle.new.tiny_mce?
225	225	end
226	226
	227	+ should 'not sanitize html5 audio tag on body' do
	228	+ article = TinyMceArticle.create!(:name => 'html5 audio', :body => "Audio: <audio controls='controls'><source src='http://example.ogg' type='audio/ogg' />Audio not playing?.</audio>", :profile => profile)
	229	+ assert_tag_in_string article.body, :tag => 'audio', :attributes => {:controls => 'controls'}
	230	+ assert_tag_in_string article.body, :tag => 'source', :attributes => {:src => 'http://example.ogg', :type => 'audio/ogg'}
	231	+ end
	232	+
	233	+ should 'not sanitize html5 video tag on body' do
	234	+ article = TinyMceArticle.create!(:name => 'html5 video', :body => "Video: <video controls='controls' autoplay='autoplay'><source src='http://example.ogv' type='video/ogg' />Video not playing?</video>", :profile => profile)
	235	+ assert_tag_in_string article.body, :tag => 'video', :attributes => {:controls => 'controls', :autoplay => 'autoplay'}
	236	+ assert_tag_in_string article.body, :tag => 'source', :attributes => {:src => 'http://example.ogv', :type => 'video/ogg'}
	237	+ end
	238	+
227	239	end
...	...