From 73f28ffabe3f023f4a8c6f4242c2929c907b6c71 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Tue, 16 Nov 2010 14:41:30 -0800 Subject: [PATCH] LinkPreview: use a local proxy for oEmbed lookups so we use a consistent common code path, and don't open up to oohembed.com being evil --- plugins/LinkPreview/LinkPreviewPlugin.php | 13 +++++++------ plugins/LinkPreview/linkpreview.js | 5 ++--- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/plugins/LinkPreview/LinkPreviewPlugin.php b/plugins/LinkPreview/LinkPreviewPlugin.php index 6f7c99a38c..da79811482 100644 --- a/plugins/LinkPreview/LinkPreviewPlugin.php +++ b/plugins/LinkPreview/LinkPreviewPlugin.php @@ -53,7 +53,7 @@ class LinkPreviewPlugin extends Plugin if ($user) { $action->script('plugins/LinkPreview/linkpreview.js'); $data = json_encode(array( - 'api' => common_config('oohembed', 'endpoint'), + 'api' => common_local_url('oembedproxy'), 'width' => common_config('attachments', 'thumbwidth'), 'height' => common_config('attachments', 'thumbheight'), )); @@ -73,10 +73,11 @@ class LinkPreviewPlugin extends Plugin */ function onAutoload($cls) { - switch ($cls) + $lower = strtolower($cls); + switch ($lower) { - case 'LinkpreviewAction': - require_once dirname(__FILE__) . '/linkpreviewaction.php'; + case 'oembedproxyaction': + require_once dirname(__FILE__) . '/' . $lower . '.php'; return false; default: return true; @@ -92,8 +93,8 @@ class LinkPreviewPlugin extends Plugin */ function onStartInitializeRouter($m) { - $m->connect('main/preview/link', - array('action' => 'linkpreview')); + $m->connect('main/oembed/proxy', + array('action' => 'oembedproxy')); return true; } diff --git a/plugins/LinkPreview/linkpreview.js b/plugins/LinkPreview/linkpreview.js index db99212292..8e411f908e 100644 --- a/plugins/LinkPreview/linkpreview.js +++ b/plugins/LinkPreview/linkpreview.js @@ -54,12 +54,11 @@ url: url, format: 'json', maxwidth: oEmbed.width, - maxheight: oEmbed.height, - callback: '?' + maxheight: oEmbed.height }; $.get(oEmbed.api, params, function(data, xhr) { callback(data); - }, 'jsonp'); + }, 'json'); } };