Commit 9a67bc9d authored by Richard Mansfield's avatar Richard Mansfield
Browse files

Add htmlpurifier filter for google video

parent f3935ea9
......@@ -38,7 +38,7 @@ $themeoptions = get_themes();
$yesno = array(true => get_string('yes'),
false => get_string('no'));
$allowedfilters = array('YouTube');
$allowedfilters = array('YouTube', 'GoogleVideo');
$enabledfilters = get_config('filters');
if ($enabledfilters) {
$enabledfilters = unserialize($enabledfilters);
......@@ -163,20 +163,26 @@ $siteoptionform = array(
// List of HTML Purifier filters to enable
$siteoptionform['elements']['filters'] = array(
'type' => 'fieldset',
'legend' => get_string('trustedsitesforembeddedcontent', 'admin'),
'legend' => get_string('embeddedcontent', 'admin'),
'collapsible' => true,
'collapsed' => true,
'elements' => array(
'filters_description' => array(
'embeddedcontentdescription' => array(
'type' => 'html',
'value' => get_string('trustedsitesforembeddedcontentdescription', 'admin'),
'title' => get_string('trustedsites', 'admin'),
'value' => get_string('embeddedcontentdescription', 'admin'),
'help' => true,
),
'YouTube' => array(
'type' => 'checkbox',
'title' => 'http://www.youtube.com',
'description' => get_string('htmlfilter_YouTube', 'admin'),
'defaultvalue' => in_array('YouTube', $enabledfilters),
),
'GoogleVideo' => array(
'type' => 'checkbox',
'title' => 'http://video.google.com',
'defaultvalue' => in_array('GoogleVideo', $enabledfilters),
),
),
);
......
......@@ -115,6 +115,8 @@ $string['defaultaccountinactivewarn'] = 'Warning time for inactivity/expiry';
$string['defaultaccountinactivewarndescription'] = 'The time before user accounts are to expire or become inactive at which a warning message will be sent to them';
$string['defaultaccountlifetime'] = 'Default account lifetime';
$string['defaultaccountlifetimedescription'] = 'If set, user accounts will expire after this period of time from when they have been created';
$string['embeddedcontent'] = 'Embedded content';
$string['embeddedcontentdescription'] = 'If you would like users to be able to embed videos or other outside content into their portfolios, you can choose which sites to trust below.';
$string['language'] = 'Language';
$string['pathtoclam'] = 'Path to clam';
$string['pathtoclamdescription'] = 'The filesystem path to clamscan or clamdscan';
......@@ -131,8 +133,7 @@ $string['siteoptionspagedescription'] = 'Here you can set some global options th
$string['siteoptionsset'] = 'Site options have been updated.';
$string['sitethemedescription'] = 'The default theme for the site';
$string['theme'] = 'Theme';
$string['trustedsitesforembeddedcontent'] = 'Trusted sites for embedded content';
$string['trustedsitesforembeddedcontentdescription'] = 'If you would like to give your users the ability to embed videos from other sites, choose the trusted sites from the list below';
$string['trustedsites'] = 'Trusted sites';
$string['updatesiteoptions'] = 'Update site options';
$string['usersallowedmultipleinstitutions'] = 'Users allowed multiple institutions';
$string['usersallowedmultipleinstitutionsdescription'] = 'If checked, users can be members of several institutions at the same time';
......@@ -140,8 +141,6 @@ $string['usersseenewthemeonlogin'] = 'Users will see the new theme the next time
$string['viruschecking'] = 'Virus checking';
$string['viruscheckingdescription'] = 'If checked, virus checking will be enabled for all uploaded files using ClamAV';
$string['htmlfilter_YouTube'] = 'Embed code copied from YouTube will be allowed in HTML created by users.';
// Site content
$string['about'] = 'About';
$string['discardpageedits'] = 'Discard your changes to this page?';
......
<h3>Embedded content: Trusted sites</h3>
<p>In order to guard against malicious code from other sites, &lt;object&gt; and &lt;embed&gt; are normally filtered out of HTML content before it is displayed. This setting allows users to take embed code generated by a few specific sites and paste it directly into their Views.</p>
<?php
class HTMLPurifier_Filter_GoogleVideo extends HTMLPurifier_Filter
{
public $name = 'GoogleVideo';
public function preFilter($html, $config, $context) {
$pre_regex = '#<embed\b[^>]+\bsrc="http://video.google.com/googleplayer.swf\?(doc[iI]d=[0-9\-]+(?:&hl=[a-z][a-z])?)[^>]+>\s*</embed>#s';
$pre_replace = '<span class="googlevideo-embed">\1</span>';
return preg_replace($pre_regex, $pre_replace, $html);
}
public function postFilter($html, $config, $context) {
$post_regex = '#<span class="googlevideo-embed">(doc[iI]d=[0-9\-]+(?:&(?:amp;)?hl=[a-z][a-z])?)</span>#';
$post_replace = '<embed style="width:400px; height:326px;" '.
'id="VideoPlayback" '.
'type="application/x-shockwave-flash" '.
'src="http://video.google.com/googleplayer.swf?\1" '.
'flashvars="" '.
'</embed>';
return preg_replace($post_regex, $post_replace, $html);
}
}
......@@ -2087,10 +2087,18 @@ function clean_text($text) {
$config->set('Core', 'Encoding', 'UTF-8');
$config->set('HTML', 'Doctype', 'XHTML 1.0 Transitional');
$customfilters = array();
if (get_config('filters')) {
foreach (unserialize(get_config('filters')) as $filter) {
$config->set('Filter', $filter, true);
if ($filter == 'YouTube') {
$config->set('Filter', 'YouTube', true);
} else {
require_once(get_config('libroot') . 'htmlpurifiercustom/' . $filter . '.php');
$classname = 'HTMLPurifier_Filter_' . $filter;
$customfilters[] = new $classname();
}
}
$config->set('Filter', 'Custom', $customfilters);
}
$def =& $config->getHTMLDefinition(true);
$def->addAttribute('a', 'target', 'Enum#_blank,_self,_target,_top');
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment