Merge pull request #15203 from annando/tiktok

Enable embedding Tiktok videos / enhanced inline frame security
Philipp 2025-10-04 15:39:29 +02:00 committed by GitHub
commit f1d752ea9b
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 22 additions and 10 deletions


@ -446,7 +446,7 @@ class PostMedia extends BaseRepository
$return = '<div style="position:relative">';
}
$return .= '<iframe ' . $attributes . ' width="100%" frameborder="0" allow="fullscreen, picture-in-picture" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen></iframe></div>';
$return .= '<iframe ' . $attributes . ' width="100%" frameborder="0" allow="fullscreen, picture-in-picture" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen sandbox="allow-same-origin allow-scripts"></iframe></div>';
return $return;
}
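Review bot: The added `sandbox="allow-same-origin allow-scripts"` only restricts the frame while the player URL is on a different origin than the node itself; a frame that holds both tokens and is served from the embedding page's origin can reach its parent and remove the attribute. The function starts above this hunk and the construction of `$attributes` (including `src`) is not visible, so it is worth confirming that a local URL can never end up there and recording that next to the line, e.g. `// sandbox is only effective for cross-origin players; never pass a same-origin src`. The token list also leaves out popups and forms, so players that open links in a new tab will stop doing so; if that is intended, the same comment should say it.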


@ -1346,15 +1346,17 @@ class ParseUrl
// Youtube provides only basic information to some IP ranges.
// Dailymotion only provices "Dailymotion" as title in their meta tags, so oEmbed is better
// @todo We have to decide if we always trust oEmbed more than the meta tags
$overwrite = in_array(parse_url(Strings::normaliseLink($siteinfo['url']), PHP_URL_HOST), ['dailymotion.com', 'tiktok.com', 'youtube.com']);
$overwrite = in_array(parse_url(Strings::normaliseLink($siteinfo['url']), PHP_URL_HOST), ['dailymotion.com', 'tiktok.com', 'youtube.com', 'youtu.be']);
$unknown_fields = $data;
foreach (['account_type', 'asset_type', 'cache_age', 'category', 'duration',
'embera_using_fake_response', 'embera_provider_name',
'height', 'html', 'iframe_url', 'is_plus', 'safety', 'success', 'type',
foreach (['account_type', 'asset_type', 'author_unique_id', 'availability', 'brand',
'cache_age', 'category', 'currency_code', 'duration', 'embera_using_fake_response',
'embera_provider_name', 'embed_product_id', 'embed_type', 'flickr_type',
'height', 'html', 'images','iframe_url', 'is_plus', 'price', 'products',
'product_expiration', 'product_id', 'quantity', 'referrer', 'safety', 'success', 'type',
'thumbnail_credit', 'thumbnail_credit_url', 'thumbnail_credit_note',
'thumbnail_height', 'thumbnail_url_with_play_button', 'thumbnail_width',
'uri', 'url', 'version', 'video_id', 'width'] as $value) {
'uri', 'url', 'version', 'video_id', 'web_page', 'web_page_short_url', 'width'] as $value) {
unset($unknown_fields[$value]);
}
@ -1364,11 +1366,15 @@ class ParseUrl
'summary' => 'text',
'author_name' => 'author_name',
'author_url' => 'author_url',
'author' => 'author_name',
'provider_name' => 'publisher_name',
'provider_url' => 'publisher_url',
'thumbnail_url' => 'image',
'upload_date' => 'published',
'publication_date' => 'published',
'license' => 'license_name',
'license_url' => 'license_url',
'license_id' => 'license_id',
];
foreach ($fields as $key => $value) {
@ -1390,10 +1396,16 @@ class ParseUrl
$siteinfo = self::setPlayer($data, $siteinfo);
}
if ($data['type'] == 'video' & empty($siteinfo['player']) && ($data['provider_url'] ?? '') == 'https://www.tiktok.com' && isset($data['embed_product_id']) && isset($data['thumbnail_width']) && isset($data['thumbnail_height'])) {
$siteinfo['player']['embed'] = 'https://www.tiktok.com/player/v1/' . $data['embed_product_id'] . '?description=1&rel=0';
$siteinfo['player']['width'] = $data['thumbnail_width'];
$siteinfo['player']['height'] = $data['thumbnail_height'];
}
if (!empty($siteinfo['player'])) {
foreach (['width', 'height'] as $key) {
if (empty($siteinfo['player'][$key]) && !empty($data[$key])) {
$siteinfo['player'][$key] = $data[$key];
foreach (['width' => 'width', 'height' => 'height', 'fixedWidth' => 'width'] as $key => $value) {
if (empty($siteinfo['player'][$value]) && !empty($data[$key])) {
$siteinfo['player'][$value] = $data[$key];
}
}
}
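Review bot: In the TikTok branch, `$data['embed_product_id']` comes from the oEmbed response and is concatenated into the player URL as-is, so a value containing `/`, `?` or `#` changes the path or query of the iframe source; the `provider_url` comparison does not constrain it because it is read from the same response. Encode or constrain the value before use, e.g. `rawurlencode((string) $data['embed_product_id'])`, or skip the branch unless `ctype_digit((string) $data['embed_product_id'])` holds (TikTok ids appear to be numeric; confirm). The same condition has a single `&` after `$data['type'] == 'video'`, which evaluates correctly on two booleans but does not short-circuit and reads as a typo for `&&`. `thumbnail_width` and `thumbnail_height` are likewise copied into the player without an `(int)` cast, which matters if they later reach the iframe attributes (not visible in this hunk).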


@ -726,7 +726,7 @@ Lucas: For the right price, yes.[/share]',
{
return [
'player' => [
'expected' => 'text <div class="type-link"><div style="position:relative;padding-bottom:75%;margin-bottom:1em"><iframe src="http://domain.tld/player" height="100%" style="position:absolute;left:0px;top:0px" width="100%" frameborder="0" allow="fullscreen, picture-in-picture" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen></iframe></div><h4><a href="http://domain.tld/page" target="_blank" rel="noopener noreferrer">title</a></h4><blockquote>description</blockquote><sup><a href="http://domain.tld/provider_url" target="_blank" rel="noopener noreferrer">author_name (provider_name)</a></sup></div>',
'expected' => 'text <div class="type-link"><div style="position:relative;padding-bottom:75%;margin-bottom:1em"><iframe src="http://domain.tld/player" height="100%" style="position:absolute;left:0px;top:0px" width="100%" frameborder="0" allow="fullscreen, picture-in-picture" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen sandbox="allow-same-origin allow-scripts"></iframe></div><h4><a href="http://domain.tld/page" target="_blank" rel="noopener noreferrer">title</a></h4><blockquote>description</blockquote><sup><a href="http://domain.tld/provider_url" target="_blank" rel="noopener noreferrer">author_name (provider_name)</a></sup></div>',
'data' => [
'author_name' => 'author_name',
'author_url' => 'http://domain.tld/author_url',