]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/blob - IkiWiki/Plugin/embed.pm
Avoid mixed content when cgiurl is https but url is not
[git.ikiwiki.info.git] / IkiWiki / Plugin / embed.pm
1 #!/usr/bin/perl
2 package IkiWiki::Plugin::embed;
4 use warnings;
5 use strict;
6 use IkiWiki 3.00;
8 my $attribr=qr/[^<>"]+/;
10 # regexp matching known-safe html
11 my $safehtml=qr{(
12         # google maps
13         <\s*iframe\s+width="\d+"\s+height="\d+"\s+frameborder="$attribr"\s+
14         scrolling="$attribr"\s+marginheight="\d+"\s+marginwidth="\d+"\s+
15         src="http://maps.google.com/\?$attribr"\s*>\s*</iframe>
17         |
19         # youtube
20         <\s*object\s+width="\d+"\s+height="\d+"\s*>\s*
21         <\s*param\s+name="movie"\s+value="http://www.youtube.com/v/$attribr"\s*>\s*
22         </param>\s*
23         <\s*param\s+name="wmode"\s+value="transparent"\s*>\s*</param>\s*
24         <embed\s+src="http://www.youtube.com/v/$attribr"\s+
25         type="application/x-shockwave-flash"\s+wmode="transparent"\s+
26         width="\d+"\s+height="\d+"\s*>\s*</embed>\s*</object>
28         |
30         # google video
31         <\s*embed\s+style="\s*width:\d+px;\s+height:\d+px;\s*"\s+id="$attribr"\s+
32         type="application/x-shockwave-flash"\s+
33         src="http://video.google.com/googleplayer.swf\?$attribr"\s+
34         flashvars=""\s*>\s*</embed>
36         |
38         # google calendar
39         <\s*iframe\s+src="http://www.google.com/calendar/embed\?src=$attribr"\s+
40         style="\s*border-width:\d+\s*"\s+width="\d+"\s+frameborder="\d+"\s*
41         height="\d+"\s*>\s*</iframe>
42 )}sx;
44 my @embedded;
46 sub import {
47         hook(type => "getsetup", id => "embed", call => \&getsetup);
48         hook(type => "filter", id => "embed", call => \&filter);
49 }
51 sub getsetup () {
52         return
53                 plugin => {
54                         safe => 1,
55                         rebuild => undef,
56                 },
57 }
59 sub embed ($) {
60         hook(type => "format", id => "embed", call => \&format) unless @embedded;
61         push @embedded, shift;
62         return "<div class=\"embed$#embedded\"></div>";
63 }
65 sub filter (@) {
66         my %params=@_;
67         $params{content} =~ s/$safehtml/embed($1)/eg;
68         return $params{content};
69 }
71 sub format (@) {
72         my %params=@_;
73         $params{content} =~ s/<div class="embed(\d+)"><\/div>/$embedded[$1]/eg;
74         return $params{content};
75 }
77 1