revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2025-02-02 09:58:24 +01:00
Code Issues Releases Wiki Activity

Fix YouTube remarkup rule being blocked by Content-Security-Policy header

Browse source 
Summary: Ref T13116. See PHI526. Currently, the YouTube remarkup rule writes an `<iframe ...>` but does not adjust the Content-Security-Policy appropriately.

Test Plan: Pasted a YouTube link; viewed it in Safari, Chrome and Firefox.

Maniphest Tasks: T13116

Differential Revision: https://secure.phabricator.com/D19277
This commit is contained in:
epriestley 2018-04-02 16:03:05 -07:00
parent 7189cb7ba8
commit 651f91cd54
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
src/infrastructure/markup/rule/PhabricatorYoutubeRemarkupRule.php
View file

@ -52,4 +52,9 @@ final class PhabricatorYoutubeRemarkupRule extends PhutilRemarkupRule {
return $this->getEngine()->storeText($iframe); return $this->getEngine()->storeText($iframe);
} }
public function didMarkupText() {
CelerityAPI::getStaticResourceResponse()
->addContentSecurityPolicyURI('frame-src', 'https://www.youtube.com/');
}
} }