interesting
/
PeerTube
mirror of https://github.com/Chocobozzz/PeerTube.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

(embed) sandbox the iframe

This commit is contained in:
Rigel Kent 2018-06-10 18:20:19 +02:00 committed by Chocobozzz
parent 054a103b28
commit 7754034641
2 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
client/src/assets/player/utils.ts
View File

@ -92,6 +92,7 @@ function buildVideoLink (time?: number) {
function buildVideoEmbed (embedUrl: string) {
return '<iframe width="560" height="315" ' +
'sandbox="allow-same-origin allow-scripts" ' +
'src="' + embedUrl + '" ' +
'frameborder="0" allowfullscreen>' +
'</iframe>'

2
server/controllers/services.ts
View File

@ -45,7 +45,7 @@ function generateOEmbed (req: express.Request, res: express.Response, next: expr
thumbnailUrl = undefined
}
const html = `<iframe width="${embedWidth}" height="${embedHeight}" src="${embedUrl}" frameborder="0" allowfullscreen></iframe>`
const html = `<iframe width="${embedWidth}" height="${embedHeight}" sandbox="allow-same-origin allow-scripts" src="${embedUrl}" frameborder="0" allowfullscreen></iframe>`
const json: any = {
type: 'video',