def set_custom_embed_code(self, data): """ Return the code that embed the code. Could be with the original size or the custom chosen. """ if 'embed_html' not in data: return tree = etree.HTML(data['embed_html']) sel = cssselect.CSSSelector('body > *') el = sel(tree) # add a div around if there is more than one element into code if len(el) > 1: el = DIV(*el) else: el = el[0] # width and height attributes should not be set in a div tag if el.tag in ['iframe', 'object']: if data.get('width', None): el.attrib['width'] = data['width'] and str( data['width']) or el.attrib['width'] if data.get('height', None): el.attrib['height'] = data['height'] and str( data['height']) or el.attrib['height'] data['embed_html'] = sanitize_iframe_tag(html.tostring(el))
def load_oembed(self, action): url = self.widgets['url'].value if not self._validate_url(url): api.portal.show_message( _(u'Invalid URL'), request=self.request, type='error') return json_data = self.get_data( url, maxwidth=None, maxheight=None, format='json') if json_data is None: json_data = self.get_fallback(url) if json_data is None: return # html parameter not always required: # https://github.com/abarmat/python-oembed/blob/master/oembed/__init__.py#L157-L167 # https://github.com/abarmat/python-oembed/blob/master/oembed/__init__.py#L181-L187 if 'html' in json_data: json_data['html'] = sanitize_iframe_tag(json_data['html']) for k, v in self.tr_fields.iteritems(): if json_data.get(k): self.widgets[v].value = unicode(json_data[k]) if json_data.get('thumbnail_url'): self.set_image(json_data.get('thumbnail_url'))
def load_oembed(self, action): url = self.widgets['url'].value if not self._validate_url(url): api.portal.show_message(_(u'Invalid URL'), request=self.request, type='error') return json_data = self.get_data(url, maxwidth=None, maxheight=None, format='json') if json_data is None: json_data = self.get_fallback(url) if json_data is None: return # html parameter not always required: # https://github.com/abarmat/python-oembed/blob/master/oembed/__init__.py#L157-L167 # https://github.com/abarmat/python-oembed/blob/master/oembed/__init__.py#L181-L187 if 'html' in json_data: json_data['html'] = sanitize_iframe_tag(json_data['html']) for k, v in self.tr_fields.iteritems(): if json_data.get(k): self.widgets[v].value = unicode(json_data[k]) if json_data.get('thumbnail_url'): self.set_image(json_data.get('thumbnail_url'))
def sanitize_iframe_tags(setup_tool): """Remove invalid attributes from iframes.""" logger.info('Sanitizing iframes from embedded code') catalog = api.portal.get_tool('portal_catalog') query = dict(object_provides=IEmbedder.__identifier__) results = catalog.unrestrictedSearchResults(**query) for brain in results: obj = brain.getObject() obj.embed_html = sanitize_iframe_tag(obj.embed_html) logger.info('{0} objects were processed'.format(len(results)))
def sanitize_iframe_tags(setup_tool): """Remove invalid attributes from iframes.""" logger.info('Sanitizing iframes from embedded code') catalog = api.portal.get_tool('portal_catalog') query = dict(object_provides=IEmbedder.__identifier__) results = catalog.unrestrictedSearchResults(**query) for brain in results: obj = brain.getObject() try: obj.embed_html = sanitize_iframe_tag(obj.embed_html) except TypeError: # pragma: no cover msg = 'An error ocurred sanitizing object: {0}; skipping' logger.error(msg.format(obj.absolute_url())) logger.info('{0} objects were processed'.format(len(results)))
def set_custom_embed_code(self, data): """Return the code that embed the code. Could be with the original size or the custom chosen. """ if 'embed_html' not in data: return tree = etree.HTML(data['embed_html']) sel = cssselect.CSSSelector('body > *') el = sel(tree) # add a div around if there is more than one element into code if len(el) > 1: el = DIV(*el) else: el = el[0] # width and height attributes should not be set in a div tag if el.tag in ['iframe', 'object']: if data.get('width', None): el.attrib['width'] = data['width'] and str(data['width']) or el.attrib['width'] if data.get('height', None): el.attrib['height'] = data['height'] and str(data['height']) or el.attrib['height'] data['embed_html'] = sanitize_iframe_tag(html.tostring(el))
def test_sanitize_iframe_tag_slideshare(self): iframe = '<iframe src="//www.slideshare.net/slideshow/embed_code/key/JTepPmXR1Pgccr" width="595" height="485" frameborder="0" marginwidth="0" marginheight="0" scrolling="no" style="border:1px solid #CCC; border-width:1px; margin-bottom:5px; max-width: 100%;" allowfullscreen> </iframe> <div style="margin-bottom:5px"> <strong> <a href="//www.slideshare.net/Pjoie/how-to-embed-powerpoint-presentation-using-slideshare" title="How to Embed PowerPoint Presentation Using Slideshare" target="_blank">How to Embed PowerPoint Presentation Using Slideshare</a> </strong> from <strong><a href="//www.slideshare.net/Pjoie" target="_blank">Joie Ocon</a></strong> </div>' expected = '<iframe src="//www.slideshare.net/slideshow/embed_code/key/JTepPmXR1Pgccr" width="595" height="485" style="border:1px solid #CCC; border-width:1px; margin-bottom:5px; max-width: 100%;" allowfullscreen> </iframe> <div style="margin-bottom:5px"> <strong> <a href="//www.slideshare.net/Pjoie/how-to-embed-powerpoint-presentation-using-slideshare" title="How to Embed PowerPoint Presentation Using Slideshare" target="_blank">How to Embed PowerPoint Presentation Using Slideshare</a> </strong> from <strong><a href="//www.slideshare.net/Pjoie" target="_blank">Joie Ocon</a></strong> </div>' self.assertIn(expected, sanitize_iframe_tag(iframe))
def test_sanitize_iframe_tag_youtube(self): iframe = '<iframe allowfullscreen="" frameborder="0" height="315" src="http://www.youtube.com/embed/UkWd0azv3fQ#t=2m30s" width="420"></iframe>' expected = '<iframe allowfullscreen="" height="315" src="http://www.youtube.com/embed/UkWd0azv3fQ#t=2m30s" width="420"></iframe>' self.assertIn(expected, sanitize_iframe_tag(iframe))
def test_sanitize_iframe_tag_vimeo(self): iframe = '<iframe src="https://player.vimeo.com/video/85804536" width="640" height="360" frameborder="0" webkitallowfullscreen mozallowfullscreen allowfullscreen></iframe><p><a href="https://vimeo.com/85804536">Plone Community (italian subtitles)</a> from <a href="https://vimeo.com/abstractsrl">Abstract</a> on <a href="https://vimeo.com">Vimeo</a>.</p>' expected = '<iframe src="https://player.vimeo.com/video/85804536" width="640" height="360" allowfullscreen></iframe><p><a href="https://vimeo.com/85804536">Plone Community (italian subtitles)</a> from <a href="https://vimeo.com/abstractsrl">Abstract</a> on <a href="https://vimeo.com">Vimeo</a>.</p>' self.assertIn(expected, sanitize_iframe_tag(iframe))
def test_sanitize_iframe_tag_soundcloud(self): iframe = '<iframe width="100%" height="166" scrolling="no" frameborder="no" src="https://w.soundcloud.com/player/?visual=true&url=http%3A%2F%2Fapi.soundcloud.com%2Ftracks%2F260347735&show_artwork=true"></iframe>' expected = '<iframe width="100%" height="166" src="https://w.soundcloud.com/player/?visual=true&url=http%3A%2F%2Fapi.soundcloud.com%2Ftracks%2F260347735&show_artwork=true"></iframe>' self.assertIn(expected, sanitize_iframe_tag(iframe))