Commit 7a4a4e9b6ad79eb80c8f2e8d68250174ea060226
Committed by
Antonio Terceiro
Antonio Terceiro
1 parent
6c728f56
Exists in
master
and in
29 other branches
Allowing users to post videos from other sites
* Vimeo * Archive.org * iteia * TV SL (stream and video) ActionItem1257
Showing
5 changed files
with
49 additions
and
7 deletions
Show diff stats
app/views/shared/tiny_mce.rhtml
| 1 | <%= javascript_include_tag 'tinymce/jscripts/tiny_mce/tiny_mce.js' %> | 1 | <%= javascript_include_tag 'tinymce/jscripts/tiny_mce/tiny_mce.js' %> |
| 2 | <script type="text/javascript"> | 2 | <script type="text/javascript"> |
| 3 | - var myplugins = "searchreplace,print,media,table"; | 3 | + var myplugins = "searchreplace,print,table"; |
| 4 | if (tinymce.isIE) { | 4 | if (tinymce.isIE) { |
| 5 | // the paste plugin is only useful in Internet Explorer | 5 | // the paste plugin is only useful in Internet Explorer |
| 6 | myplugins = "paste," + myplugins; | 6 | myplugins = "paste," + myplugins; |
| @@ -22,6 +22,7 @@ tinyMCE.init({ | @@ -22,6 +22,7 @@ tinyMCE.init({ | ||
| 22 | paste_insert_word_content_callback : "convertWord", | 22 | paste_insert_word_content_callback : "convertWord", |
| 23 | paste_use_dialog: false, | 23 | paste_use_dialog: false, |
| 24 | apply_source_formatting : true, | 24 | apply_source_formatting : true, |
| 25 | + extended_valid_elements : "applet[style|archive|codebase|code|height|width],comment,iframe[src|style|allowtransparency|frameborder]", | ||
| 25 | content_css: '/stylesheets/tinymce.css', | 26 | content_css: '/stylesheets/tinymce.css', |
| 26 | language: <%= tinymce_language.inspect %>, | 27 | language: <%= tinymce_language.inspect %>, |
| 27 | entity_encoding: 'raw' | 28 | entity_encoding: 'raw' |
config/environment.rb
| @@ -83,10 +83,10 @@ Rails::Initializer.run do |config| | @@ -83,10 +83,10 @@ Rails::Initializer.run do |config| | ||
| 83 | } | 83 | } |
| 84 | 84 | ||
| 85 | # Adds custom attributes to the Set of allowed html attributes for the #sanitize helper | 85 | # Adds custom attributes to the Set of allowed html attributes for the #sanitize helper |
| 86 | - config.action_view.sanitized_allowed_attributes = 'align', 'border', 'alt', 'vspace', 'hspace', 'width', 'heigth', 'value', 'type', 'data', 'style', 'target' | 86 | + config.action_view.sanitized_allowed_attributes = 'align', 'border', 'alt', 'vspace', 'hspace', 'width', 'heigth', 'value', 'type', 'data', 'style', 'target', 'codebase', 'archive', 'classid', 'code', 'flashvars' |
| 87 | 87 | ||
| 88 | # Adds custom tags to the Set of allowed html tags for the #sanitize helper | 88 | # Adds custom tags to the Set of allowed html tags for the #sanitize helper |
| 89 | - config.action_view.sanitized_allowed_tags = 'object', 'embed', 'param', 'table', 'tr', 'th', 'td' | 89 | + config.action_view.sanitized_allowed_tags = 'object', 'embed', 'param', 'table', 'tr', 'th', 'td', 'applet', 'comment', 'iframe' |
| 90 | 90 | ||
| 91 | # See Rails::Configuration for more options | 91 | # See Rails::Configuration for more options |
| 92 | 92 |
public/stylesheets/tinymce.css
| @@ -4,3 +4,13 @@ body.mceContentBody td { | @@ -4,3 +4,13 @@ body.mceContentBody td { | ||
| 4 | font-size: 12px; | 4 | font-size: 12px; |
| 5 | } | 5 | } |
| 6 | 6 | ||
| 7 | +object, embed { | ||
| 8 | + border:1px dotted #cc0000; | ||
| 9 | + background-position:center; | ||
| 10 | + background-repeat:no-repeat; | ||
| 11 | + background-color:#ffffcc; | ||
| 12 | + display: block; | ||
| 13 | + width: 150px; | ||
| 14 | + height: 150px; | ||
| 15 | + background-image: url(../designs/icons/tango/Tango/22x22/actions/media-playback-start.png); | ||
| 16 | +} |
test/unit/tiny_mce_article_test.rb
| @@ -49,4 +49,24 @@ class TinyMceArticleTest < Test::Unit::TestCase | @@ -49,4 +49,24 @@ class TinyMceArticleTest < Test::Unit::TestCase | ||
| 49 | assert(article.body.is_utf8?, "%s expected to be valid UTF-8 content" % article.body.inspect) | 49 | assert(article.body.is_utf8?, "%s expected to be valid UTF-8 content" % article.body.inspect) |
| 50 | end | 50 | end |
| 51 | 51 | ||
| 52 | + should 'fix tinymce mess with itheora comments for IE from tiny mce article body' do | ||
| 53 | + article = TinyMceArticle.create!(:profile => profile, :name => 'article', :abstract => 'abstract', :body => "the <!--–-[if IE]--> just for ie... <!--[endif]-->") | ||
| 54 | + assert_equal "the <!–-[if IE]> just for ie... <![endif]-–>", article.body | ||
| 55 | + end | ||
| 56 | + | ||
| 57 | + should 'not mess with <iframe and </iframe if it is from itheora' do | ||
| 58 | + article = TinyMceArticle.create!(:profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe src='http://itheora.org'></iframe>") | ||
| 59 | + assert_equal "<iframe src=\"http://itheora.org\"></iframe>", article.body | ||
| 60 | + end | ||
| 61 | + | ||
| 62 | + should 'remove iframe if it is not from itheora' do | ||
| 63 | + article = TinyMceArticle.create!(:profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe src='anything'></iframe>") | ||
| 64 | + assert_equal "", article.body | ||
| 65 | + end | ||
| 66 | + | ||
| 67 | + #TinymMCE convert config={"key":(.*)} in config={"key":(.*)} | ||
| 68 | + should 'not replace " with &quot; when adding an Archive.org video' do | ||
| 69 | + article = TinyMceArticle.create!(:profile => profile, :name => 'article', :abstract => 'abstract', :body => "<embed flashvars='config={"key":"\#$b6eb72a0f2f1e29f3d4"}'> </embed>") | ||
| 70 | + assert_equal "<embed flashvars=\"config={"key":"\#$b6eb72a0f2f1e29f3d4"}\"> </embed>", article.body | ||
| 71 | + end | ||
| 52 | end | 72 | end |
vendor/plugins/white_list_sanitizer_unescape_before_reescape/init.rb
| @@ -5,11 +5,22 @@ | @@ -5,11 +5,22 @@ | ||
| 5 | 5 | ||
| 6 | HTML::WhiteListSanitizer.module_eval do | 6 | HTML::WhiteListSanitizer.module_eval do |
| 7 | 7 | ||
| 8 | - def sanitize_with_filter_comments(*args, &block) | ||
| 9 | - text = sanitize_without_filter_comments(*args, &block) | ||
| 10 | - text.gsub(/<!--/, '<!--') if text | 8 | + def sanitize_with_filter_fixes(*args, &block) |
| 9 | + text = sanitize_without_filter_fixes(*args, &block) | ||
| 10 | + if text | ||
| 11 | + final_text = text.gsub(/<!/, '<!') | ||
| 12 | + final_text = final_text.gsub(/<!--.*\[if IE\]-->(.*)<!--\[endif\]-->/, '<!–-[if IE]>\1<![endif]-–>') #FIX for itheora comments | ||
| 13 | + | ||
| 14 | + if final_text =~ /iframe/ | ||
| 15 | + unless final_text =~ /<iframe(.*)src=(.*)itheora.org(.*)<\/iframe>/ | ||
| 16 | + final_text = final_text.gsub(/<iframe(.*)<\/iframe>/, '') | ||
| 17 | + end | ||
| 18 | + end | ||
| 19 | + final_text = final_text.gsub(/&quot;/, '"') #FIX problems with archive.org | ||
| 20 | + final_text | ||
| 21 | + end | ||
| 11 | end | 22 | end |
| 12 | - alias_method_chain :sanitize, :filter_comments | 23 | + alias_method_chain :sanitize, :filter_fixes |
| 13 | 24 | ||
| 14 | # unescape before reescape to avoid: | 25 | # unescape before reescape to avoid: |
| 15 | # & -> & -> &amp; -> &amp;amp; -> &amp;amp;amp; -> etc | 26 | # & -> & -> &amp; -> &amp;amp; -> &amp;amp;amp; -> etc |