def set_custom_embed_code(self, data):
""" Return the code that embed the code. Could be with the
original size or the custom chosen.
"""
if 'embed_html' not in data:
return
tree = etree.HTML(data['embed_html'])
sel = cssselect.CSSSelector('body > *')
el = sel(tree)
# add a div around if there is more than one element into code
if len(el) > 1:
el = DIV(*el)
else:
el = el[0]
# width and height attributes should not be set in a div tag
if el.tag in ['iframe', 'object']:
if data.get('width', None):
el.attrib['width'] = data['width'] and str(
data['width']) or el.attrib['width']
if data.get('height', None):
el.attrib['height'] = data['height'] and str(
data['height']) or el.attrib['height']
data['embed_html'] = sanitize_iframe_tag(html.tostring(el))
def load_oembed(self, action):
url = self.widgets['url'].value
if not self._validate_url(url):
api.portal.show_message(
_(u'Invalid URL'), request=self.request, type='error')
return
json_data = self.get_data(
url, maxwidth=None, maxheight=None, format='json')
if json_data is None:
json_data = self.get_fallback(url)
if json_data is None:
return
# html parameter not always required:
# https://github.com/abarmat/python-oembed/blob/master/oembed/__init__.py#L157-L167
# https://github.com/abarmat/python-oembed/blob/master/oembed/__init__.py#L181-L187
if 'html' in json_data:
json_data['html'] = sanitize_iframe_tag(json_data['html'])
for k, v in self.tr_fields.iteritems():
if json_data.get(k):
self.widgets[v].value = unicode(json_data[k])
if json_data.get('thumbnail_url'):
self.set_image(json_data.get('thumbnail_url'))
def load_oembed(self, action):
url = self.widgets['url'].value
if not self._validate_url(url):
api.portal.show_message(_(u'Invalid URL'),
request=self.request,
type='error')
return
json_data = self.get_data(url,
maxwidth=None,
maxheight=None,
format='json')
if json_data is None:
json_data = self.get_fallback(url)
if json_data is None:
return
# html parameter not always required:
# https://github.com/abarmat/python-oembed/blob/master/oembed/__init__.py#L157-L167
# https://github.com/abarmat/python-oembed/blob/master/oembed/__init__.py#L181-L187
if 'html' in json_data:
json_data['html'] = sanitize_iframe_tag(json_data['html'])
for k, v in self.tr_fields.iteritems():
if json_data.get(k):
self.widgets[v].value = unicode(json_data[k])
if json_data.get('thumbnail_url'):
self.set_image(json_data.get('thumbnail_url'))
def sanitize_iframe_tags(setup_tool):
"""Remove invalid attributes from iframes."""
logger.info('Sanitizing iframes from embedded code')
catalog = api.portal.get_tool('portal_catalog')
query = dict(object_provides=IEmbedder.__identifier__)
results = catalog.unrestrictedSearchResults(**query)
for brain in results:
obj = brain.getObject()
obj.embed_html = sanitize_iframe_tag(obj.embed_html)
logger.info('{0} objects were processed'.format(len(results)))
def sanitize_iframe_tags(setup_tool):
"""Remove invalid attributes from iframes."""
logger.info('Sanitizing iframes from embedded code')
catalog = api.portal.get_tool('portal_catalog')
query = dict(object_provides=IEmbedder.__identifier__)
results = catalog.unrestrictedSearchResults(**query)
for brain in results:
obj = brain.getObject()
try:
obj.embed_html = sanitize_iframe_tag(obj.embed_html)
except TypeError: # pragma: no cover
msg = 'An error ocurred sanitizing object: {0}; skipping'
logger.error(msg.format(obj.absolute_url()))
logger.info('{0} objects were processed'.format(len(results)))
def sanitize_iframe_tags(setup_tool):
"""Remove invalid attributes from iframes."""
logger.info('Sanitizing iframes from embedded code')
catalog = api.portal.get_tool('portal_catalog')
query = dict(object_provides=IEmbedder.__identifier__)
results = catalog.unrestrictedSearchResults(**query)
for brain in results:
obj = brain.getObject()
try:
obj.embed_html = sanitize_iframe_tag(obj.embed_html)
except TypeError: # pragma: no cover
msg = 'An error ocurred sanitizing object: {0}; skipping'
logger.error(msg.format(obj.absolute_url()))
logger.info('{0} objects were processed'.format(len(results)))
def set_custom_embed_code(self, data):
"""Return the code that embed the code.
Could be with the original size or the custom chosen.
"""
if 'embed_html' not in data:
return
tree = etree.HTML(data['embed_html'])
sel = cssselect.CSSSelector('body > *')
el = sel(tree)
# add a div around if there is more than one element into code
if len(el) > 1:
el = DIV(*el)
else:
el = el[0]
# width and height attributes should not be set in a div tag
if el.tag in ['iframe', 'object']:
if data.get('width', None):
el.attrib['width'] = data['width'] and str(data['width']) or el.attrib['width']
if data.get('height', None):
el.attrib['height'] = data['height'] and str(data['height']) or el.attrib['height']
data['embed_html'] = sanitize_iframe_tag(html.tostring(el))
def test_sanitize_iframe_tag_slideshare(self):
iframe = '<iframe src="//www.slideshare.net/slideshow/embed_code/key/JTepPmXR1Pgccr" width="595" height="485" frameborder="0" marginwidth="0" marginheight="0" scrolling="no" style="border:1px solid #CCC; border-width:1px; margin-bottom:5px; max-width: 100%;" allowfullscreen> </iframe> <div style="margin-bottom:5px"> <strong> <a href="//www.slideshare.net/Pjoie/how-to-embed-powerpoint-presentation-using-slideshare" title="How to Embed PowerPoint Presentation Using Slideshare" target="_blank">How to Embed PowerPoint Presentation Using Slideshare</a> </strong> from <strong><a href="//www.slideshare.net/Pjoie" target="_blank">Joie Ocon</a></strong> </div>'
expected = '<iframe src="//www.slideshare.net/slideshow/embed_code/key/JTepPmXR1Pgccr" width="595" height="485" style="border:1px solid #CCC; border-width:1px; margin-bottom:5px; max-width: 100%;" allowfullscreen> </iframe> <div style="margin-bottom:5px"> <strong> <a href="//www.slideshare.net/Pjoie/how-to-embed-powerpoint-presentation-using-slideshare" title="How to Embed PowerPoint Presentation Using Slideshare" target="_blank">How to Embed PowerPoint Presentation Using Slideshare</a> </strong> from <strong><a href="//www.slideshare.net/Pjoie" target="_blank">Joie Ocon</a></strong> </div>'
self.assertIn(expected, sanitize_iframe_tag(iframe))
def test_sanitize_iframe_tag_youtube(self):
iframe = '<iframe allowfullscreen="" frameborder="0" height="315" src="http://www.youtube.com/embed/UkWd0azv3fQ#t=2m30s" width="420"></iframe>'
expected = '<iframe allowfullscreen="" height="315" src="http://www.youtube.com/embed/UkWd0azv3fQ#t=2m30s" width="420"></iframe>'
self.assertIn(expected, sanitize_iframe_tag(iframe))
def test_sanitize_iframe_tag_vimeo(self):
iframe = '<iframe src="https://player.vimeo.com/video/85804536" width="640" height="360" frameborder="0" webkitallowfullscreen mozallowfullscreen allowfullscreen></iframe><p><a href="https://vimeo.com/85804536">Plone Community (italian subtitles)</a> from <a href="https://vimeo.com/abstractsrl">Abstract</a> on <a href="https://vimeo.com">Vimeo</a>.</p>'
expected = '<iframe src="https://player.vimeo.com/video/85804536" width="640" height="360" allowfullscreen></iframe><p><a href="https://vimeo.com/85804536">Plone Community (italian subtitles)</a> from <a href="https://vimeo.com/abstractsrl">Abstract</a> on <a href="https://vimeo.com">Vimeo</a>.</p>'
self.assertIn(expected, sanitize_iframe_tag(iframe))
def test_sanitize_iframe_tag_soundcloud(self):
iframe = '<iframe width="100%" height="166" scrolling="no" frameborder="no" src="https://w.soundcloud.com/player/?visual=true&url=http%3A%2F%2Fapi.soundcloud.com%2Ftracks%2F260347735&show_artwork=true"></iframe>'
expected = '<iframe width="100%" height="166" src="https://w.soundcloud.com/player/?visual=true&url=http%3A%2F%2Fapi.soundcloud.com%2Ftracks%2F260347735&show_artwork=true"></iframe>'
self.assertIn(expected, sanitize_iframe_tag(iframe))
def test_sanitize_iframe_tag_slideshare(self):
iframe = '<iframe src="//www.slideshare.net/slideshow/embed_code/key/JTepPmXR1Pgccr" width="595" height="485" frameborder="0" marginwidth="0" marginheight="0" scrolling="no" style="border:1px solid #CCC; border-width:1px; margin-bottom:5px; max-width: 100%;" allowfullscreen> </iframe> <div style="margin-bottom:5px"> <strong> <a href="//www.slideshare.net/Pjoie/how-to-embed-powerpoint-presentation-using-slideshare" title="How to Embed PowerPoint Presentation Using Slideshare" target="_blank">How to Embed PowerPoint Presentation Using Slideshare</a> </strong> from <strong><a href="//www.slideshare.net/Pjoie" target="_blank">Joie Ocon</a></strong> </div>'
expected = '<iframe src="//www.slideshare.net/slideshow/embed_code/key/JTepPmXR1Pgccr" width="595" height="485" style="border:1px solid #CCC; border-width:1px; margin-bottom:5px; max-width: 100%;" allowfullscreen> </iframe> <div style="margin-bottom:5px"> <strong> <a href="//www.slideshare.net/Pjoie/how-to-embed-powerpoint-presentation-using-slideshare" title="How to Embed PowerPoint Presentation Using Slideshare" target="_blank">How to Embed PowerPoint Presentation Using Slideshare</a> </strong> from <strong><a href="//www.slideshare.net/Pjoie" target="_blank">Joie Ocon</a></strong> </div>'
self.assertIn(expected, sanitize_iframe_tag(iframe))
def test_sanitize_iframe_tag_youtube(self):
iframe = '<iframe allowfullscreen="" frameborder="0" height="315" src="http://www.youtube.com/embed/UkWd0azv3fQ#t=2m30s" width="420"></iframe>'
expected = '<iframe allowfullscreen="" height="315" src="http://www.youtube.com/embed/UkWd0azv3fQ#t=2m30s" width="420"></iframe>'
self.assertIn(expected, sanitize_iframe_tag(iframe))
def test_sanitize_iframe_tag_vimeo(self):
iframe = '<iframe src="https://player.vimeo.com/video/85804536" width="640" height="360" frameborder="0" webkitallowfullscreen mozallowfullscreen allowfullscreen></iframe><p><a href="https://vimeo.com/85804536">Plone Community (italian subtitles)</a> from <a href="https://vimeo.com/abstractsrl">Abstract</a> on <a href="https://vimeo.com">Vimeo</a>.</p>'
expected = '<iframe src="https://player.vimeo.com/video/85804536" width="640" height="360" allowfullscreen></iframe><p><a href="https://vimeo.com/85804536">Plone Community (italian subtitles)</a> from <a href="https://vimeo.com/abstractsrl">Abstract</a> on <a href="https://vimeo.com">Vimeo</a>.</p>'
self.assertIn(expected, sanitize_iframe_tag(iframe))
def test_sanitize_iframe_tag_soundcloud(self):
iframe = '<iframe width="100%" height="166" scrolling="no" frameborder="no" src="https://w.soundcloud.com/player/?visual=true&url=http%3A%2F%2Fapi.soundcloud.com%2Ftracks%2F260347735&show_artwork=true"></iframe>'
expected = '<iframe width="100%" height="166" src="https://w.soundcloud.com/player/?visual=true&url=http%3A%2F%2Fapi.soundcloud.com%2Ftracks%2F260347735&show_artwork=true"></iframe>'
self.assertIn(expected, sanitize_iframe_tag(iframe))
