2014-05-06 22:00:30 +01:00
|
|
|
<?php
|
2018-07-18 05:31:24 +01:00
|
|
|
// This file is part of GNU social - https://www.gnu.org/software/social
|
|
|
|
//
|
|
|
|
// GNU social is free software: you can redistribute it and/or modify
|
|
|
|
// it under the terms of the GNU Affero General Public License as published by
|
|
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
|
|
// (at your option) any later version.
|
|
|
|
//
|
|
|
|
// GNU social is distributed in the hope that it will be useful,
|
|
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
// GNU Affero General Public License for more details.
|
|
|
|
//
|
|
|
|
// You should have received a copy of the GNU Affero General Public License
|
|
|
|
// along with GNU social. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
|
|
|
/**
|
|
|
|
* OembedPlugin implementation for GNU social
|
|
|
|
*
|
|
|
|
* @package GNUsocial
|
|
|
|
* @author Stephen Paul Weber
|
|
|
|
* @author hannes
|
|
|
|
* @author Mikael Nordfeldth
|
|
|
|
* @author Diogo Cordeiro <diogo@fc.up.pt>
|
|
|
|
* @copyright 2019 Free Software Foundation, Inc http://www.fsf.org
|
|
|
|
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
|
|
|
|
*/
|
|
|
|
|
|
|
|
defined('GNUSOCIAL') || die();
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Base class for the oEmbed plugin that does most of the heavy lifting to get
|
|
|
|
* and display representations for remote content.
|
|
|
|
*
|
|
|
|
* @copyright 2019 Free Software Foundation, Inc http://www.fsf.org
|
|
|
|
* @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
|
|
|
|
*/
|
2014-05-06 22:00:30 +01:00
|
|
|
class OembedPlugin extends Plugin
|
|
|
|
{
|
2019-06-13 08:18:10 +01:00
|
|
|
const PLUGIN_VERSION = '2.0.1';
|
2019-06-03 01:56:52 +01:00
|
|
|
|
2015-01-25 01:34:40 +00:00
|
|
|
// settings which can be set in config.php with addPlugin('Oembed', array('param'=>'value', ...));
|
2015-01-25 10:18:57 +00:00
|
|
|
// WARNING, these are _regexps_ (slashes added later). Always escape your dots and end your strings
|
2015-01-25 01:34:40 +00:00
|
|
|
public $domain_whitelist = array( // hostname => service provider
|
2015-01-25 10:18:57 +00:00
|
|
|
'^i\d*\.ytimg\.com$' => 'YouTube',
|
2015-02-02 10:13:52 +00:00
|
|
|
'^i\d*\.vimeocdn\.com$' => 'Vimeo',
|
2015-01-25 01:34:40 +00:00
|
|
|
);
|
2018-07-18 05:31:24 +01:00
|
|
|
public $append_whitelist = array(); // fill this array as domain_whitelist to add more trusted sources
|
2015-04-03 20:00:19 +01:00
|
|
|
public $check_whitelist = false; // security/abuse precaution
|
2015-01-25 01:34:40 +00:00
|
|
|
|
|
|
|
protected $imgData = array();
|
|
|
|
|
2018-07-18 05:31:24 +01:00
|
|
|
/**
|
|
|
|
* Initialize the oEmbed plugin and set up the environment it needs for it.
|
|
|
|
* Returns true if it initialized properly, the exception object if it
|
|
|
|
* doesn't.
|
|
|
|
*/
|
2015-01-25 01:34:40 +00:00
|
|
|
public function initialize()
|
|
|
|
{
|
|
|
|
parent::initialize();
|
|
|
|
|
|
|
|
$this->domain_whitelist = array_merge($this->domain_whitelist, $this->append_whitelist);
|
|
|
|
}
|
|
|
|
|
2018-07-18 05:31:24 +01:00
|
|
|
/**
|
|
|
|
* The code executed on GNU social checking the database schema, which in
|
|
|
|
* this case is to make sure we have the plugin table we need.
|
|
|
|
*
|
|
|
|
* @return bool true if it ran successfully, the exception object if it doesn't.
|
|
|
|
*/
|
2014-05-06 22:00:30 +01:00
|
|
|
public function onCheckSchema()
|
|
|
|
{
|
|
|
|
$schema = Schema::get();
|
|
|
|
$schema->ensureTable('file_oembed', File_oembed::schemaDef());
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2018-07-18 05:31:24 +01:00
|
|
|
/**
|
|
|
|
* This code executes when GNU social creates the page routing, and we hook
|
|
|
|
* on this event to add our action handler for oEmbed.
|
|
|
|
*
|
|
|
|
* @param $m URLMapper the router that was initialized.
|
|
|
|
* @return bool true if successful, the exception object if it isn't.
|
|
|
|
*/
|
2014-05-06 22:00:30 +01:00
|
|
|
public function onRouterInitialized(URLMapper $m)
|
|
|
|
{
|
2019-07-11 19:14:03 +01:00
|
|
|
$m->connect('main/oembed', ['action' => 'oembed']);
|
2014-05-06 22:00:30 +01:00
|
|
|
}
|
|
|
|
|
2018-07-18 05:31:24 +01:00
|
|
|
/**
|
|
|
|
* This event executes when GNU social encounters a remote URL we then decide
|
|
|
|
* to interrogate for metadata. oEmbed gloms onto it to see if we have an
|
|
|
|
* oEmbed endpoint or image to try to represent in the post.
|
|
|
|
*
|
|
|
|
* @param $url string the remote URL we're looking at
|
|
|
|
* @param $dom DOMDocument the document we're getting metadata from
|
|
|
|
* @param $metadata stdClass class representing the metadata
|
|
|
|
* @return bool true if successful, the exception object if it isn't.
|
|
|
|
*/
|
2015-11-30 01:06:04 +00:00
|
|
|
public function onGetRemoteUrlMetadataFromDom($url, DOMDocument $dom, stdClass &$metadata)
|
|
|
|
{
|
|
|
|
try {
|
|
|
|
common_log(LOG_INFO, 'Trying to discover an oEmbed endpoint using link headers.');
|
|
|
|
$api = oEmbedHelper::oEmbedEndpointFromHTML($dom);
|
2016-01-12 14:29:03 +00:00
|
|
|
common_log(LOG_INFO, 'Found oEmbed API endpoint ' . $api . ' for URL ' . $url);
|
2015-11-30 01:06:04 +00:00
|
|
|
$params = array(
|
|
|
|
'maxwidth' => common_config('thumbnail', 'width'),
|
|
|
|
'maxheight' => common_config('thumbnail', 'height'),
|
|
|
|
);
|
|
|
|
$metadata = oEmbedHelper::getOembedFrom($api, $url, $params);
|
2018-07-18 05:31:24 +01:00
|
|
|
|
|
|
|
// Facebook just gives us javascript in its oembed html,
|
2016-01-26 01:07:44 +00:00
|
|
|
// so use the content of the title element instead
|
2018-07-18 05:31:24 +01:00
|
|
|
if (strpos($url, 'https://www.facebook.com/') === 0) {
|
|
|
|
$metadata->html = @$dom->getElementsByTagName('title')->item(0)->nodeValue;
|
2016-01-26 01:05:53 +00:00
|
|
|
}
|
2018-07-18 05:31:24 +01:00
|
|
|
|
2016-01-26 01:07:44 +00:00
|
|
|
// Wordpress sometimes also just gives us javascript, use og:description if it is available
|
|
|
|
$xpath = new DomXpath($dom);
|
2016-01-26 11:28:24 +00:00
|
|
|
$generatorNode = @$xpath->query('//meta[@name="generator"][1]')->item(0);
|
2016-01-26 01:07:44 +00:00
|
|
|
if ($generatorNode instanceof DomElement) {
|
|
|
|
// when wordpress only gives us javascript, the html stripped from tags
|
|
|
|
// is the same as the title, so this helps us to identify this (common) case
|
2018-07-18 05:31:24 +01:00
|
|
|
if (strpos($generatorNode->getAttribute('content'), 'WordPress') === 0
|
2016-01-26 01:07:44 +00:00
|
|
|
&& trim(strip_tags($metadata->html)) == trim($metadata->title)) {
|
2016-01-26 11:28:24 +00:00
|
|
|
$propertyNode = @$xpath->query('//meta[@property="og:description"][1]')->item(0);
|
2016-01-26 01:07:44 +00:00
|
|
|
if ($propertyNode instanceof DomElement) {
|
|
|
|
$metadata->html = $propertyNode->getAttribute('content');
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2015-11-30 01:06:04 +00:00
|
|
|
} catch (Exception $e) {
|
2018-07-18 05:31:24 +01:00
|
|
|
// FIXME - make sure the error was because we couldn't get metadata, not something else! -mb
|
2016-01-12 14:29:03 +00:00
|
|
|
common_log(LOG_INFO, 'Could not find an oEmbed endpoint using link headers, trying OpenGraph from HTML.');
|
2015-11-30 01:06:04 +00:00
|
|
|
// Just ignore it!
|
2016-01-12 14:29:03 +00:00
|
|
|
$metadata = OpenGraphHelper::ogFromHtml($dom);
|
2015-11-30 01:06:04 +00:00
|
|
|
}
|
2016-01-28 15:19:29 +00:00
|
|
|
|
2016-02-25 18:46:17 +00:00
|
|
|
if (isset($metadata->thumbnail_url)) {
|
|
|
|
// sometimes sites serve the path, not the full URL, for images
|
|
|
|
// let's "be liberal in what you accept from others"!
|
|
|
|
// add protocol and host if the thumbnail_url starts with /
|
2018-07-18 05:31:24 +01:00
|
|
|
if (substr($metadata->thumbnail_url, 0, 1) == '/') {
|
2016-02-25 18:46:17 +00:00
|
|
|
$thumbnail_url_parsed = parse_url($metadata->url);
|
|
|
|
$metadata->thumbnail_url = $thumbnail_url_parsed['scheme']."://".$thumbnail_url_parsed['host'].$metadata->thumbnail_url;
|
|
|
|
}
|
2018-07-18 05:31:24 +01:00
|
|
|
|
2016-02-25 18:46:17 +00:00
|
|
|
// some wordpress opengraph implementations sometimes return a white blank image
|
|
|
|
// no need for us to save that!
|
2018-07-18 05:31:24 +01:00
|
|
|
if ($metadata->thumbnail_url == 'https://s0.wp.com/i/blank.jpg') {
|
2016-02-25 18:46:17 +00:00
|
|
|
unset($metadata->thumbnail_url);
|
|
|
|
}
|
2016-01-28 15:19:29 +00:00
|
|
|
|
2018-07-18 05:31:24 +01:00
|
|
|
// FIXME: this is also true of locally-installed wordpress so we should watch out for that.
|
|
|
|
}
|
|
|
|
return true;
|
2015-11-30 01:06:04 +00:00
|
|
|
}
|
|
|
|
|
2014-05-06 22:00:30 +01:00
|
|
|
public function onEndShowHeadElements(Action $action)
|
|
|
|
{
|
|
|
|
switch ($action->getActionName()) {
|
|
|
|
case 'attachment':
|
2018-07-18 05:31:24 +01:00
|
|
|
$action->element('link', array('rel'=>'alternate',
|
2014-05-06 22:00:30 +01:00
|
|
|
'type'=>'application/json+oembed',
|
|
|
|
'href'=>common_local_url(
|
|
|
|
'oembed',
|
|
|
|
array(),
|
|
|
|
array('format'=>'json', 'url'=>
|
2018-07-18 05:31:24 +01:00
|
|
|
common_local_url(
|
|
|
|
'attachment',
|
|
|
|
array('attachment' => $action->attachment->getID())
|
|
|
|
))
|
|
|
|
),
|
2019-05-06 23:58:45 +01:00
|
|
|
'title'=>'oEmbed'));
|
2018-07-18 05:31:24 +01:00
|
|
|
$action->element('link', array('rel'=>'alternate',
|
2014-05-06 22:00:30 +01:00
|
|
|
'type'=>'text/xml+oembed',
|
|
|
|
'href'=>common_local_url(
|
|
|
|
'oembed',
|
|
|
|
array(),
|
|
|
|
array('format'=>'xml','url'=>
|
2018-07-18 05:31:24 +01:00
|
|
|
common_local_url(
|
|
|
|
'attachment',
|
|
|
|
array('attachment' => $action->attachment->getID())
|
|
|
|
))
|
|
|
|
),
|
2019-05-06 23:58:45 +01:00
|
|
|
'title'=>'oEmbed'));
|
2014-05-06 22:00:30 +01:00
|
|
|
break;
|
|
|
|
case 'shownotice':
|
2015-12-31 00:55:18 +00:00
|
|
|
if (!$action->notice->isLocal()) {
|
|
|
|
break;
|
|
|
|
}
|
2014-05-10 12:06:18 +01:00
|
|
|
try {
|
2018-07-18 05:31:24 +01:00
|
|
|
$action->element('link', array('rel'=>'alternate',
|
2014-05-10 12:06:18 +01:00
|
|
|
'type'=>'application/json+oembed',
|
|
|
|
'href'=>common_local_url(
|
|
|
|
'oembed',
|
|
|
|
array(),
|
2018-07-18 05:31:24 +01:00
|
|
|
array('format'=>'json','url'=>$action->notice->getUrl())
|
|
|
|
),
|
2019-05-06 23:58:45 +01:00
|
|
|
'title'=>'oEmbed'));
|
2018-07-18 05:31:24 +01:00
|
|
|
$action->element('link', array('rel'=>'alternate',
|
2014-05-10 12:06:18 +01:00
|
|
|
'type'=>'text/xml+oembed',
|
|
|
|
'href'=>common_local_url(
|
|
|
|
'oembed',
|
|
|
|
array(),
|
2018-07-18 05:31:24 +01:00
|
|
|
array('format'=>'xml','url'=>$action->notice->getUrl())
|
|
|
|
),
|
2019-05-06 23:58:45 +01:00
|
|
|
'title'=>'oEmbed'));
|
2014-05-10 12:06:18 +01:00
|
|
|
} catch (InvalidUrlException $e) {
|
|
|
|
// The notice is probably a share or similar, which don't
|
|
|
|
// have a representational URL of their own.
|
|
|
|
}
|
2014-05-06 22:00:30 +01:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2018-07-18 05:31:24 +01:00
|
|
|
public function onEndShowStylesheets(Action $action)
|
|
|
|
{
|
2016-03-16 23:31:45 +00:00
|
|
|
$action->cssLink($this->path('css/oembed.css'));
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2014-05-06 22:00:30 +01:00
|
|
|
/**
|
|
|
|
* Save embedding information for a File, if applicable.
|
|
|
|
*
|
|
|
|
* Normally this event is called through File::saveNew()
|
|
|
|
*
|
|
|
|
* @param File $file The newly inserted File object.
|
|
|
|
*
|
|
|
|
* @return boolean success
|
|
|
|
*/
|
2015-11-02 05:15:08 +00:00
|
|
|
public function onEndFileSaveNew(File $file)
|
2014-05-06 22:00:30 +01:00
|
|
|
{
|
2016-07-21 00:38:48 +01:00
|
|
|
$fo = File_oembed::getKV('file_id', $file->getID());
|
2014-05-06 22:00:30 +01:00
|
|
|
if ($fo instanceof File_oembed) {
|
2016-07-21 00:38:48 +01:00
|
|
|
common_log(LOG_WARNING, "Strangely, a File_oembed object exists for new file {$file->getID()}", __FILE__);
|
2015-10-01 21:18:33 +01:00
|
|
|
return true;
|
2014-05-06 22:00:30 +01:00
|
|
|
}
|
|
|
|
|
2015-11-02 05:15:08 +00:00
|
|
|
if (isset($file->mimetype)
|
|
|
|
&& (('text/html' === substr($file->mimetype, 0, 9)
|
|
|
|
|| 'application/xhtml+xml' === substr($file->mimetype, 0, 21)))) {
|
2014-05-06 22:00:30 +01:00
|
|
|
try {
|
2015-11-02 05:15:08 +00:00
|
|
|
$oembed_data = File_oembed::_getOembed($file->url);
|
2014-05-06 22:00:30 +01:00
|
|
|
if ($oembed_data === false) {
|
|
|
|
throw new Exception('Did not get oEmbed data from URL');
|
|
|
|
}
|
2016-07-23 20:01:28 +01:00
|
|
|
$file->setTitle($oembed_data->title);
|
2014-05-06 22:00:30 +01:00
|
|
|
} catch (Exception $e) {
|
2016-08-27 23:16:31 +01:00
|
|
|
common_log(LOG_WARNING, sprintf(__METHOD__.': %s thrown when getting oEmbed data: %s', get_class($e), _ve($e->getMessage())));
|
2014-05-06 22:00:30 +01:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2016-07-21 00:38:48 +01:00
|
|
|
File_oembed::saveNew($oembed_data, $file->getID());
|
2014-05-06 22:00:30 +01:00
|
|
|
}
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
public function onEndShowAttachmentLink(HTMLOutputter $out, File $file)
|
|
|
|
{
|
2016-07-21 00:38:48 +01:00
|
|
|
$oembed = File_oembed::getKV('file_id', $file->getID());
|
2014-05-06 22:00:30 +01:00
|
|
|
if (empty($oembed->author_name) && empty($oembed->provider)) {
|
|
|
|
return true;
|
|
|
|
}
|
2014-06-21 20:01:17 +01:00
|
|
|
$out->elementStart('div', array('id'=>'oembed_info', 'class'=>'e-content'));
|
2014-05-06 22:00:30 +01:00
|
|
|
if (!empty($oembed->author_name)) {
|
|
|
|
$out->elementStart('div', 'fn vcard author');
|
|
|
|
if (empty($oembed->author_url)) {
|
|
|
|
$out->text($oembed->author_name);
|
|
|
|
} else {
|
2018-07-18 05:31:24 +01:00
|
|
|
$out->element(
|
|
|
|
'a',
|
|
|
|
array('href' => $oembed->author_url,
|
2019-06-30 13:36:33 +01:00
|
|
|
'class' => 'url'),
|
2018-07-18 05:31:24 +01:00
|
|
|
$oembed->author_name
|
|
|
|
);
|
2014-05-06 22:00:30 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
if (!empty($oembed->provider)) {
|
|
|
|
$out->elementStart('div', 'fn vcard');
|
|
|
|
if (empty($oembed->provider_url)) {
|
|
|
|
$out->text($oembed->provider);
|
|
|
|
} else {
|
2018-07-18 05:31:24 +01:00
|
|
|
$out->element(
|
|
|
|
'a',
|
|
|
|
array('href' => $oembed->provider_url,
|
2019-06-30 13:36:33 +01:00
|
|
|
'class' => 'url'),
|
2018-07-18 05:31:24 +01:00
|
|
|
$oembed->provider
|
|
|
|
);
|
2014-05-06 22:00:30 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
$out->elementEnd('div');
|
|
|
|
}
|
|
|
|
|
|
|
|
public function onFileEnclosureMetadata(File $file, &$enclosure)
|
|
|
|
{
|
|
|
|
// Never treat generic HTML links as an enclosure type!
|
|
|
|
// But if we have oEmbed info, we'll consider it golden.
|
2016-07-21 00:38:48 +01:00
|
|
|
$oembed = File_oembed::getKV('file_id', $file->getID());
|
2015-04-05 14:44:04 +01:00
|
|
|
if (!$oembed instanceof File_oembed || !in_array($oembed->type, array('photo', 'video'))) {
|
2014-05-06 22:00:30 +01:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2016-01-14 17:29:21 +00:00
|
|
|
foreach (array('mimetype', 'url', 'title', 'modified', 'width', 'height') as $key) {
|
|
|
|
if (isset($oembed->{$key}) && !empty($oembed->{$key})) {
|
2014-05-06 22:00:30 +01:00
|
|
|
$enclosure->{$key} = $oembed->{$key};
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return true;
|
|
|
|
}
|
2016-03-16 23:31:45 +00:00
|
|
|
|
|
|
|
public function onStartShowAttachmentRepresentation(HTMLOutputter $out, File $file)
|
|
|
|
{
|
|
|
|
try {
|
|
|
|
$oembed = File_oembed::getByFile($file);
|
|
|
|
} catch (NoResultException $e) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2016-03-22 13:02:36 +00:00
|
|
|
// Show thumbnail as usual if it's a photo.
|
|
|
|
if ($oembed->type === 'photo') {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2016-03-27 15:21:43 +01:00
|
|
|
$out->elementStart('article', ['class'=>'h-entry oembed']);
|
2016-03-16 23:31:45 +00:00
|
|
|
$out->elementStart('header');
|
2018-07-18 05:31:24 +01:00
|
|
|
try {
|
2016-03-16 23:31:45 +00:00
|
|
|
$thumb = $file->getThumbnail(128, 128);
|
2016-03-27 15:21:43 +01:00
|
|
|
$out->element('img', $thumb->getHtmlAttrs(['class'=>'u-photo oembed']));
|
2016-03-16 23:31:45 +00:00
|
|
|
unset($thumb);
|
|
|
|
} catch (Exception $e) {
|
|
|
|
$out->element('div', ['class'=>'error'], $e->getMessage());
|
|
|
|
}
|
2016-03-27 15:21:43 +01:00
|
|
|
$out->elementStart('h5', ['class'=>'p-name oembed']);
|
|
|
|
$out->element('a', ['class'=>'u-url', 'href'=>$file->getUrl()], common_strip_html($oembed->title));
|
2016-03-16 23:31:45 +00:00
|
|
|
$out->elementEnd('h5');
|
2016-03-27 15:21:43 +01:00
|
|
|
$out->elementStart('div', ['class'=>'p-author oembed']);
|
2016-03-16 23:31:45 +00:00
|
|
|
if (!empty($oembed->author_name)) {
|
|
|
|
// TRANS: text before the author name of oEmbed attachment representation
|
|
|
|
// FIXME: The whole "By x from y" should be i18n because of different language constructions.
|
|
|
|
$out->text(_('By '));
|
2016-03-27 15:21:43 +01:00
|
|
|
$attrs = ['class'=>'h-card p-author'];
|
2016-03-16 23:31:45 +00:00
|
|
|
if (!empty($oembed->author_url)) {
|
|
|
|
$attrs['href'] = $oembed->author_url;
|
|
|
|
$tag = 'a';
|
|
|
|
} else {
|
|
|
|
$tag = 'span';
|
|
|
|
}
|
|
|
|
$out->element($tag, $attrs, $oembed->author_name);
|
|
|
|
}
|
|
|
|
if (!empty($oembed->provider)) {
|
|
|
|
// TRANS: text between the oEmbed author name and provider url
|
|
|
|
// FIXME: The whole "By x from y" should be i18n because of different language constructions.
|
|
|
|
$out->text(_(' from '));
|
|
|
|
$attrs = ['class'=>'h-card'];
|
|
|
|
if (!empty($oembed->provider_url)) {
|
|
|
|
$attrs['href'] = $oembed->provider_url;
|
|
|
|
$tag = 'a';
|
|
|
|
} else {
|
|
|
|
$tag = 'span';
|
|
|
|
}
|
|
|
|
$out->element($tag, $attrs, $oembed->provider);
|
|
|
|
}
|
|
|
|
$out->elementEnd('div');
|
|
|
|
$out->elementEnd('header');
|
2016-03-27 15:21:43 +01:00
|
|
|
$out->elementStart('div', ['class'=>'p-summary oembed']);
|
2016-03-17 11:58:40 +00:00
|
|
|
$out->raw(common_purify($oembed->html));
|
|
|
|
$out->elementEnd('div');
|
2016-03-16 23:31:45 +00:00
|
|
|
$out->elementStart('footer');
|
|
|
|
$out->elementEnd('footer');
|
|
|
|
$out->elementEnd('article');
|
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
2018-07-18 05:31:24 +01:00
|
|
|
|
2016-01-07 16:35:37 +00:00
|
|
|
public function onShowUnsupportedAttachmentRepresentation(HTMLOutputter $out, File $file)
|
2014-05-06 22:00:30 +01:00
|
|
|
{
|
2015-10-01 21:18:33 +01:00
|
|
|
try {
|
|
|
|
$oembed = File_oembed::getByFile($file);
|
|
|
|
} catch (NoResultException $e) {
|
2014-05-06 22:00:30 +01:00
|
|
|
return true;
|
|
|
|
}
|
2015-10-01 21:18:33 +01:00
|
|
|
|
2016-01-07 16:35:37 +00:00
|
|
|
// the 'photo' type is shown through ordinary means, using StartShowAttachmentRepresentation!
|
2014-05-06 22:00:30 +01:00
|
|
|
switch ($oembed->type) {
|
|
|
|
case 'video':
|
|
|
|
case 'link':
|
2014-05-18 23:54:43 +01:00
|
|
|
if (!empty($oembed->html)
|
2015-02-27 11:44:15 +00:00
|
|
|
&& (GNUsocial::isAjax() || common_config('attachments', 'show_html'))) {
|
2018-03-12 03:23:55 +00:00
|
|
|
$purifier = new \HTMLPurifier();
|
2016-01-28 17:57:36 +00:00
|
|
|
// FIXME: do we allow <object> and <embed> here? we did that when we used htmLawed, but I'm not sure anymore...
|
|
|
|
$out->raw($purifier->purify($oembed->html));
|
2014-05-06 22:00:30 +01:00
|
|
|
}
|
2016-01-07 16:35:37 +00:00
|
|
|
return false;
|
2014-05-06 22:00:30 +01:00
|
|
|
}
|
2016-01-07 16:35:37 +00:00
|
|
|
|
|
|
|
return true;
|
2014-05-06 22:00:30 +01:00
|
|
|
}
|
|
|
|
|
2018-07-18 05:31:24 +01:00
|
|
|
/**
|
|
|
|
* This event executes when GNU social is creating a file thumbnail entry in
|
|
|
|
* the database. We glom onto this to create proper information for oEmbed
|
|
|
|
* object thumbnails.
|
|
|
|
*
|
|
|
|
* @param $file File the file of the created thumbnail
|
|
|
|
* @param &$imgPath string = the path to the created thumbnail
|
|
|
|
* @return bool true if it succeeds (including non-action
|
|
|
|
* states where it isn't oEmbed data, so it doesn't mess up the event handle
|
|
|
|
* for other things hooked into it), or the exception if it fails.
|
|
|
|
*/
|
2019-06-29 20:10:20 +01:00
|
|
|
public function onCreateFileImageThumbnailSource(File $file, &$imgPath, $media)
|
2015-01-25 01:34:40 +00:00
|
|
|
{
|
|
|
|
// If we are on a private node, we won't do any remote calls (just as a precaution until
|
|
|
|
// we can configure this from config.php for the private nodes)
|
|
|
|
if (common_config('site', 'private')) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
// All our remote Oembed images lack a local filename property in the File object
|
2015-10-01 21:18:33 +01:00
|
|
|
if (!is_null($file->filename)) {
|
2019-06-30 13:36:33 +01:00
|
|
|
common_debug(sprintf('Filename of file id==%d is not null (%s), so nothing oEmbed '.
|
|
|
|
'should handle.', $file->getID(), _ve($file->filename)));
|
2015-01-25 01:34:40 +00:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
try {
|
|
|
|
// If we have proper oEmbed data, there should be an entry in the File_oembed
|
|
|
|
// and File_thumbnail tables respectively. If not, we're not going to do anything.
|
2018-07-18 05:31:24 +01:00
|
|
|
$thumbnail = File_thumbnail::byFile($file);
|
2016-02-10 03:43:30 +00:00
|
|
|
} catch (NoResultException $e) {
|
2015-01-25 01:34:40 +00:00
|
|
|
// Not Oembed data, or at least nothing we either can or want to use.
|
2017-09-10 13:04:12 +01:00
|
|
|
common_debug('No oEmbed data found for file id=='.$file->getID());
|
2015-01-25 01:34:40 +00:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
try {
|
|
|
|
$this->storeRemoteFileThumbnail($thumbnail);
|
|
|
|
} catch (AlreadyFulfilledException $e) {
|
|
|
|
// aw yiss!
|
2017-09-10 13:04:12 +01:00
|
|
|
} catch (Exception $e) {
|
2019-06-30 13:36:33 +01:00
|
|
|
common_debug(sprintf('oEmbed encountered an exception (%s) for file id==%d: %s',
|
|
|
|
get_class($e), $file->getID(), _ve($e->getMessage())));
|
2017-09-10 13:04:12 +01:00
|
|
|
throw $e;
|
2015-01-25 01:34:40 +00:00
|
|
|
}
|
|
|
|
|
2019-06-30 13:36:33 +01:00
|
|
|
// Out
|
2015-01-25 01:34:40 +00:00
|
|
|
$imgPath = $thumbnail->getPath();
|
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2018-07-18 05:31:24 +01:00
|
|
|
* @return bool false on no check made, provider name on success
|
2015-01-25 01:34:40 +00:00
|
|
|
* @throws ServerException if check is made but fails
|
|
|
|
*/
|
|
|
|
protected function checkWhitelist($url)
|
|
|
|
{
|
|
|
|
if (!$this->check_whitelist) {
|
|
|
|
return false; // indicates "no check made"
|
|
|
|
}
|
|
|
|
|
|
|
|
$host = parse_url($url, PHP_URL_HOST);
|
2015-01-25 10:18:57 +00:00
|
|
|
foreach ($this->domain_whitelist as $regex => $provider) {
|
|
|
|
if (preg_match("/$regex/", $host)) {
|
|
|
|
return $provider; // we trust this source, return provider name
|
|
|
|
}
|
2015-01-25 01:34:40 +00:00
|
|
|
}
|
|
|
|
|
2015-01-25 10:18:57 +00:00
|
|
|
throw new ServerException(sprintf(_('Domain not in remote thumbnail source whitelist: %s'), $host));
|
2015-01-25 01:34:40 +00:00
|
|
|
}
|
|
|
|
|
2018-07-18 05:31:24 +01:00
|
|
|
/**
|
|
|
|
* Check the file size of a remote file using a HEAD request and checking
|
|
|
|
* the content-length variable returned. This isn't 100% foolproof but is
|
|
|
|
* reliable enough for our purposes.
|
|
|
|
*
|
|
|
|
* @return string|bool the file size if it succeeds, false otherwise.
|
|
|
|
*/
|
|
|
|
private function getRemoteFileSize($url)
|
2015-01-25 01:34:40 +00:00
|
|
|
{
|
2018-07-18 05:31:24 +01:00
|
|
|
try {
|
|
|
|
if (empty($url)) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
stream_context_set_default(array('http' => array('method' => 'HEAD')));
|
|
|
|
$head = @get_headers($url, 1);
|
|
|
|
if (gettype($head)=="array") {
|
|
|
|
$head = array_change_key_case($head);
|
|
|
|
$size = isset($head['content-length']) ? $head['content-length'] : 0;
|
|
|
|
|
|
|
|
if (!$size) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
return $size; // return formatted size
|
|
|
|
} catch (Exception $err) {
|
|
|
|
common_log(LOG_ERR, __CLASS__.': getRemoteFileSize on URL : '._ve($url).' threw exception: '.$err->getMessage());
|
|
|
|
return false;
|
2015-01-25 01:34:40 +00:00
|
|
|
}
|
2018-07-18 05:31:24 +01:00
|
|
|
}
|
2015-01-25 01:34:40 +00:00
|
|
|
|
2018-07-18 05:31:24 +01:00
|
|
|
/**
|
|
|
|
* A private helper function that uses a CURL lookup to check the mime type
|
|
|
|
* of a remote URL to see it it's an image.
|
|
|
|
*
|
|
|
|
* @return bool true if the remote URL is an image, or false otherwise.
|
|
|
|
*/
|
|
|
|
private function isRemoteImage($url)
|
|
|
|
{
|
|
|
|
if (!filter_var($url, FILTER_VALIDATE_URL)) {
|
|
|
|
common_log(LOG_ERR, "Invalid URL in OEmbed::isRemoteImage()");
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
if ($url==null) {
|
|
|
|
common_log(LOG_ERR, "URL not specified in OEmbed::isRemoteImage()");
|
2017-07-10 13:41:03 +01:00
|
|
|
return false;
|
|
|
|
}
|
2018-07-18 05:31:24 +01:00
|
|
|
try {
|
|
|
|
$curl = curl_init($url);
|
|
|
|
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
|
|
|
|
curl_setopt($curl, CURLOPT_HEADER, true);
|
|
|
|
curl_setopt($curl, CURLOPT_NOBODY, true);
|
|
|
|
curl_exec($curl);
|
|
|
|
$type = curl_getinfo($curl, CURLINFO_CONTENT_TYPE);
|
|
|
|
if (strpos($type, 'image') !== false) {
|
|
|
|
return true;
|
|
|
|
} else {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
} finally {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Function to create and store a thumbnail representation of a remote image
|
|
|
|
*
|
|
|
|
* @param $thumbnail File_thumbnail object containing the file thumbnail
|
|
|
|
* @return bool true if it succeeded, the exception if it fails, or false if it
|
|
|
|
* is limited by system limits (ie the file is too large.)
|
|
|
|
*/
|
|
|
|
protected function storeRemoteFileThumbnail(File_thumbnail $thumbnail)
|
|
|
|
{
|
|
|
|
if (!empty($thumbnail->filename) && file_exists($thumbnail->getPath())) {
|
2019-06-30 13:36:33 +01:00
|
|
|
throw new AlreadyFulfilledException(
|
|
|
|
sprintf('A thumbnail seems to already exist for remote file with id==%u', $thumbnail->file_id));
|
2018-07-18 05:31:24 +01:00
|
|
|
}
|
2016-07-21 02:19:05 +01:00
|
|
|
|
2018-07-18 05:31:24 +01:00
|
|
|
$url = $thumbnail->getUrl();
|
|
|
|
$this->checkWhitelist($url);
|
2016-07-21 02:19:05 +01:00
|
|
|
|
2018-07-18 05:31:24 +01:00
|
|
|
try {
|
|
|
|
$isImage = $this->isRemoteImage($url);
|
|
|
|
if ($isImage==true) {
|
|
|
|
$max_size = common_get_preferred_php_upload_limit();
|
|
|
|
$file_size = $this->getRemoteFileSize($url);
|
|
|
|
if (($file_size!=false) && ($file_size > $max_size)) {
|
2019-06-30 13:36:33 +01:00
|
|
|
common_debug("Went to store remote thumbnail of size " . $file_size .
|
|
|
|
" but the upload limit is " . $max_size . " so we aborted.");
|
2018-07-18 05:31:24 +01:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
} catch (Exception $err) {
|
|
|
|
common_debug("Could not determine size of remote image, aborted local storage.");
|
|
|
|
return $err;
|
2016-07-21 02:19:05 +01:00
|
|
|
}
|
|
|
|
|
2018-07-18 05:31:24 +01:00
|
|
|
// First we download the file to memory and test whether it's actually an image file
|
2015-01-25 01:34:40 +00:00
|
|
|
// FIXME: To support remote video/whatever files, this needs reworking.
|
2019-06-30 13:36:33 +01:00
|
|
|
common_debug(sprintf('Downloading remote thumbnail for file id==%u with thumbnail URL: %s',
|
|
|
|
$thumbnail->file_id, $url));
|
2018-07-18 05:31:24 +01:00
|
|
|
$imgData = HTTPClient::quickGet($url);
|
2015-01-25 01:34:40 +00:00
|
|
|
$info = @getimagesizefromstring($imgData);
|
|
|
|
if ($info === false) {
|
2018-07-18 05:31:24 +01:00
|
|
|
throw new UnsupportedMediaException(_('Remote file format was not identified as an image.'), $url);
|
2015-01-25 01:34:40 +00:00
|
|
|
} elseif (!$info[0] || !$info[1]) {
|
|
|
|
throw new UnsupportedMediaException(_('Image file had impossible geometry (0 width or height)'));
|
|
|
|
}
|
|
|
|
|
2016-02-25 21:31:45 +00:00
|
|
|
$ext = File::guessMimeExtension($info['mime']);
|
|
|
|
|
2018-07-18 05:31:24 +01:00
|
|
|
try {
|
2019-06-13 08:18:10 +01:00
|
|
|
// We'll trust sha256 (File::FILEHASH_ALG) not to have collision issues any time soon :)
|
2019-06-30 13:36:33 +01:00
|
|
|
$original_filename = bin2hex('oembed.' . $ext);
|
|
|
|
$filehash = hash(File::FILEHASH_ALG, $imgData);
|
|
|
|
$filename = "{$original_filename}-{$filehash}";
|
2018-07-18 05:31:24 +01:00
|
|
|
$fullpath = File_thumbnail::path($filename);
|
|
|
|
// Write the file to disk. Throw Exception on failure
|
|
|
|
if (!file_exists($fullpath) && file_put_contents($fullpath, $imgData) === false) {
|
|
|
|
throw new ServerException(_('Could not write downloaded file to disk.'));
|
|
|
|
}
|
|
|
|
} catch (Exception $err) {
|
2019-06-30 13:36:33 +01:00
|
|
|
common_log(LOG_ERROR, "Went to write a thumbnail to disk in OembedPlugin::storeRemoteThumbnail " .
|
|
|
|
"but encountered error: {$err}");
|
2018-07-18 05:31:24 +01:00
|
|
|
return $err;
|
|
|
|
} finally {
|
|
|
|
unset($imgData);
|
|
|
|
}
|
|
|
|
|
|
|
|
try {
|
|
|
|
// Updated our database for the file record
|
|
|
|
$orig = clone($thumbnail);
|
|
|
|
$thumbnail->filename = $filename;
|
|
|
|
$thumbnail->width = $info[0]; // array indexes documented on php.net:
|
|
|
|
$thumbnail->height = $info[1]; // https://php.net/manual/en/function.getimagesize.php
|
|
|
|
// Throws exception on failure.
|
|
|
|
$thumbnail->updateWithKeys($orig);
|
|
|
|
} catch (exception $err) {
|
2019-06-30 13:36:33 +01:00
|
|
|
common_log(LOG_ERROR, "Went to write a thumbnail entry to the database in " .
|
|
|
|
"OembedPlugin::storeRemoteThumbnail but encountered error: ".$err);
|
2018-07-18 05:31:24 +01:00
|
|
|
return $err;
|
|
|
|
}
|
|
|
|
return true;
|
2015-01-25 01:34:40 +00:00
|
|
|
}
|
|
|
|
|
2018-07-18 05:31:24 +01:00
|
|
|
/**
|
|
|
|
* Event raised when GNU social polls the plugin for information about it.
|
|
|
|
* Adds this plugin's version information to $versions array
|
|
|
|
*
|
|
|
|
* @param &$versions array inherited from parent
|
|
|
|
* @return bool true hook value
|
|
|
|
*/
|
2014-05-06 22:00:30 +01:00
|
|
|
public function onPluginVersion(array &$versions)
|
|
|
|
{
|
|
|
|
$versions[] = array('name' => 'Oembed',
|
2019-06-03 01:56:52 +01:00
|
|
|
'version' => self::PLUGIN_VERSION,
|
2014-05-06 22:00:30 +01:00
|
|
|
'author' => 'Mikael Nordfeldth',
|
2018-07-18 05:31:24 +01:00
|
|
|
'homepage' => 'http://gnu.io/social/',
|
2014-05-06 22:00:30 +01:00
|
|
|
'description' =>
|
|
|
|
// TRANS: Plugin description.
|
|
|
|
_m('Plugin for using and representing Oembed data.'));
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
}
|