Download as
Browse Code »

Commit db9433b60090d388cd45e629de38ec08a1768a76

Authored by Daniela Feitosa
Committed by Joenio Costa
1 parent c384c3e8
Exists in master and in 29 other branches add_member_task_reject_details, admin_visible_profile, article-list-template, community_notifications, contact_admin_translation, event_fixes, fix_comments_pagination, fix_rails4_organization_ratings, fix_sign_up_form, follow_step_fix, forum_topic_creation, mirror_block_improvements, multi_env_on_remote_user, new_security, noosfero_spb_ci, organization_ratings_improvements, organization_ratings_link_to_profile_stable-spb-1.3, organization_ratings_translations_fix, profile_api_improvements, ratings_minor_fixes, remote_user_fix, send_email_to_admins, stable-spb-1.3, stable-spb-1.3-fixes, stable-spb-1.4, stable-spb-1.5, suggest_rejected_value, web_steps_improvements, xss_terminate_custom_options

Allowing videos from tv softwarelivre on tinymce 

(ActionItem1533)
Showing 3 changed files with 10 additions and 3 deletions   Show diff stats
app/views/shared/tiny_mce.rhtml
  Diff comments   View file @db9433b
... ... @@ -22,7 +22,7 @@ tinyMCE.init({
22 22 paste_insert_word_content_callback : "convertWord",
23 23 paste_use_dialog: false,
24 24 apply_source_formatting : true,
25   - extended_valid_elements : "applet[style|archive|codebase|code|height|width],comment,iframe[src|style|allowtransparency|frameborder]",
  25 + extended_valid_elements : "applet[style|archive|codebase|code|height|width],comment,iframe[src|style|allowtransparency|frameborder|width|height]",
26 26 content_css: '/stylesheets/tinymce.css',
27 27 language: <%= tinymce_language.inspect %>,
28 28 entity_encoding: 'raw'
... ...
test/unit/tiny_mce_article_test.rb
  Diff comments   View file @db9433b
... ... @@ -59,11 +59,16 @@ class TinyMceArticleTest &lt; Test::Unit::TestCase
59 59 assert_equal "<iframe src=\"http://itheora.org\"></iframe>", article.body
60 60 end
61 61  
62   - should 'remove iframe if it is not from itheora' do
  62 + should 'remove iframe if it is not from itheora or softwarelivre' do
63 63 article = TinyMceArticle.create!(:profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe src='anything'></iframe>")
64 64 assert_equal "", article.body
65 65 end
66 66  
  67 + should 'allow iframe if it is from stream.softwarelivre.org' do
  68 + article = TinyMceArticle.create!(:profile => profile, :name => 'article', :abstract => 'abstract', :body => "<iframe src='http://stream.softwarelivre.org'></iframe>")
  69 + assert_equal "<iframe src=\"http://stream.softwarelivre.org\"></iframe>", article.body
  70 + end
  71 +
67 72 #TinymMCE convert config={"key":(.*)} in config={&quotkey&quot:(.*)}
68 73 should 'not replace &quot with &amp;quot; when adding an Archive.org video' do
69 74 article = TinyMceArticle.create!(:profile => profile, :name => 'article', :abstract => 'abstract', :body => "<embed flashvars='config={&quot;key&quot;:&quot;\#$b6eb72a0f2f1e29f3d4&quot;}'> </embed>")
... ...
vendor/plugins/white_list_sanitizer_unescape_before_reescape/init.rb
  Diff comments   View file @db9433b
... ... @@ -12,7 +12,9 @@ HTML::WhiteListSanitizer.module_eval do
12 12 final_text = final_text.gsub(/<!--.*\[if IE\]-->(.*)<!--\[endif\]-->/, '<!–-[if IE]>\1<![endif]-–>') #FIX for itheora comments
13 13  
14 14 if final_text =~ /iframe/
15   - unless final_text =~ /<iframe(.*)src=(.*)itheora.org(.*)<\/iframe>/
  15 + itheora_video = /<iframe(.*)src=(.*)itheora.org(.*)<\/iframe>/
  16 + sl_video = /<iframe(.*)src=\"http:\/\/stream.softwarelivre.org(.*)<\/iframe>/
  17 + unless (final_text =~ itheora_video || final_text =~ sl_video)
16 18 final_text = final_text.gsub(/<iframe(.*)<\/iframe>/, '')
17 19 end
18 20 end
... ...