X-Git-Url: http://git.cyclocoop.org/?p=velocampus%2Fweb%2Fwww.git;a=blobdiff_plain;f=www%2Fextensions%2Fsafehtml%2Finc%2Fsafehtml.php;fp=www%2Fextensions%2Fsafehtml%2Finc%2Fsafehtml.php;h=fc8b727666dc2324bb97be7c9201e2eab417bb81;hp=72053b37610130338854d273a07063b8c6bfa9ef;hb=e99f0878011913365e49b30d90e496c24c301393;hpb=80b4d3e85f78d402ed2e73f8f5d1bf4c19962eed diff --git a/www/extensions/safehtml/inc/safehtml.php b/www/extensions/safehtml/inc/safehtml.php index 72053b3..fc8b727 100644 --- a/www/extensions/safehtml/inc/safehtml.php +++ b/www/extensions/safehtml/inc/safehtml.php @@ -3,7 +3,7 @@ /***************************************************************************\ * SPIP, Systeme de publication pour l'internet * * * - * Copyright (c) 2001-2009 * + * Copyright (c) 2001-2014 * * Arnaud Martin, Antoine Pitrou, Philippe Riviere, Emmanuel Saint-James * * * * Ce programme est un logiciel libre distribue sous licence GNU/GPL. * @@ -34,6 +34,19 @@ function inc_safehtml_dist($t) { } if ($test > 0) { + # autoriser des trucs + # ex: l'embed de youtube + if ( + false !== strpos($t, 'iframe')) { + foreach (extraire_balises($t, 'iframe') as $iframe) { + if (preg_match(',^http://(www\.)?(youtube\.com|(player\.)?vimeo\.com)/.*,', extraire_attribut($iframe, 'src'))) { + $re = '___IFRAME___'.md5($iframe); + $ok[$re] = $iframe; + $t = str_replace($iframe, $re, $t); + } + } + } + # reset ($process->clear() ne vide que _xhtml...), # on doit pouvoir programmer ca plus propremement $process->_counter = array(); @@ -45,6 +58,11 @@ function inc_safehtml_dist($t) { # $process->parse(''); # cas particulier ? $process->clear(); $t = $process->parse($t); + + # reinserer les trucs autorises + if ($ok) + foreach ($ok as $re => $v) + $t = str_replace($re, $v, $t); } else $t = entites_html($t); // tres laid, en cas d'erreur