From a8383d7c1579bcc3de09cab3a4a4c8bb254b2fd7 Mon Sep 17 00:00:00 2001 From: Joenio Costa Date: Fri, 30 Jul 2010 17:11:58 -0300 Subject: [PATCH] Fixing embeds from tv.softwarelivre.org --- app/views/shared/tiny_mce.rhtml | 2 +- config/environment.rb | 2 +- test/unit/tiny_mce_article_test.rb | 5 +++++ vendor/plugins/white_list_sanitizer_unescape_before_reescape/init.rb | 2 +- 4 files changed, 8 insertions(+), 3 deletions(-) diff --git a/app/views/shared/tiny_mce.rhtml b/app/views/shared/tiny_mce.rhtml index 2130425..ebfd45e 100644 --- a/app/views/shared/tiny_mce.rhtml +++ b/app/views/shared/tiny_mce.rhtml @@ -32,7 +32,7 @@ tinyMCE.init({ paste_insert_word_content_callback : "convertWord", paste_use_dialog: false, apply_source_formatting : true, - extended_valid_elements : "applet[style|archive|codebase|code|height|width],comment,iframe[src|style|allowtransparency|frameborder|width|height]", + extended_valid_elements : "applet[style|archive|codebase|code|height|width],comment,iframe[src|style|allowtransparency|frameborder|width|height|scrolling]", content_css: '/stylesheets/tinymce.css', language: <%= tinymce_language.inspect %>, entity_encoding: 'raw' diff --git a/config/environment.rb b/config/environment.rb index 8c8f61e..fefea3b 100644 --- a/config/environment.rb +++ b/config/environment.rb @@ -72,7 +72,7 @@ Rails::Initializer.run do |config| } # Adds custom attributes to the Set of allowed html attributes for the #sanitize helper - config.action_view.sanitized_allowed_attributes = 'align', 'border', 'alt', 'vspace', 'hspace', 'width', 'heigth', 'value', 'type', 'data', 'style', 'target', 'codebase', 'archive', 'classid', 'code', 'flashvars' + config.action_view.sanitized_allowed_attributes = 'align', 'border', 'alt', 'vspace', 'hspace', 'width', 'heigth', 'value', 'type', 'data', 'style', 'target', 'codebase', 'archive', 'classid', 'code', 'flashvars', 'scrolling', 'frameborder' # Adds custom tags to the Set of allowed html tags for the #sanitize helper config.action_view.sanitized_allowed_tags = 'object', 'embed', 'param', 'table', 'tr', 'th', 'td', 'applet', 'comment', 'iframe' diff --git a/test/unit/tiny_mce_article_test.rb b/test/unit/tiny_mce_article_test.rb index 8b9d1dd..c2b21b8 100644 --- a/test/unit/tiny_mce_article_test.rb +++ b/test/unit/tiny_mce_article_test.rb @@ -83,4 +83,9 @@ class TinyMceArticleTest < Test::Unit::TestCase assert_match /

Wellformed html code <\/h1>/, article.body end + should 'allow iframe if it is from tv.softwarelivre.org' do + article = TinyMceArticle.create!(:profile => profile, :name => 'article', :abstract => 'abstract', :body => "") + assert_tag_in_string article.body, :tag => 'iframe', :attributes => { :src => "http://tv.softwarelivre.org/embed/1170", :width => "482", :height => "406", :align => "right", :frameborder => "0", :scrolling => "no"} + end + end diff --git a/vendor/plugins/white_list_sanitizer_unescape_before_reescape/init.rb b/vendor/plugins/white_list_sanitizer_unescape_before_reescape/init.rb index 073bf5a..5c5b432 100644 --- a/vendor/plugins/white_list_sanitizer_unescape_before_reescape/init.rb +++ b/vendor/plugins/white_list_sanitizer_unescape_before_reescape/init.rb @@ -13,7 +13,7 @@ HTML::WhiteListSanitizer.module_eval do if final_text =~ /iframe/ itheora_video = // - sl_video = // + sl_video = // unless (final_text =~ itheora_video || final_text =~ sl_video) final_text = final_text.gsub(//, '') end -- libgit2 0.21.2