1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
|
<?php
/**
* Class AMP_Scribd_Embed_Handler
*
* @package AMP
* @since 1.4
*/
/**
* Class AMP_Scribd_Embed_Handler
*
* @internal
*/
class AMP_Scribd_Embed_Handler extends AMP_Base_Embed_Handler {
/**
* Registers embed.
*/
public function register_embed() {
add_filter( 'embed_oembed_html', [ $this, 'filter_embed_oembed_html' ], 10, 2 );
}
/**
* Unregisters embed.
*/
public function unregister_embed() {
remove_filter( 'embed_oembed_html', [ $this, 'filter_embed_oembed_html' ] );
}
/**
* Filter oEmbed HTML for Scribd to be AMP compatible.
*
* @param string $cache Cache for oEmbed.
* @param string $url Embed URL.
* @return string Embed.
*/
public function filter_embed_oembed_html( $cache, $url ) {
if ( ! in_array( wp_parse_url( $url, PHP_URL_HOST ), [ 'scribd.com', 'www.scribd.com' ], true ) ) {
return $cache;
}
return $this->sanitize_iframe( $cache );
}
/**
* Retrieves iframe element from HTML string and amends or appends the correct sandbox permissions.
*
* @param string $html HTML string.
* @return string iframe with correct sandbox permissions.
*/
private function sanitize_iframe( $html ) {
return preg_replace_callback(
'#^.*<iframe(?P<iframe_attributes>[^>]+?)></iframe>.*$#s',
function ( $matches ) {
$attrs = $matches['iframe_attributes'];
// Amend the required keywords to the iframe's sandbox.
$sandbox = 'allow-popups allow-scripts';
$replaced = 0;
$attrs = preg_replace(
'#(?<=\ssandbox=["\'])#',
"{$sandbox} ", // whitespace is necessary to separate prior permissions.
$attrs,
1,
$replaced
);
// If no sandbox attribute was found, then add the attribute.
if ( 0 === $replaced ) {
$attrs .= sprintf( ' sandbox="%s"', $sandbox );
}
// The iframe sanitizer will convert this into an amp-iframe.
return "<iframe{$attrs}></iframe>";
},
$html
);
}
}
|