TinyMCE: improve the previews for embedded WordPress posts:

- Add option to force a sandbox iframe in wpview.
- Use it to show the embedded post preview.
- Remove the deprecated `wpembed` plugin.js

Fixes #39513.

git-svn-id: https://develop.svn.wordpress.org/trunk@40019 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Andrew Ozz 2017-01-27 04:24:58 +00:00
parent a2ac38016d
commit 1a068f2a61
4 changed files with 39 additions and 32 deletions

View File

@ -3004,7 +3004,6 @@ function wp_ajax_parse_embed() {
$parsed = $styles . $html . $scripts;
}
if ( ! empty( $no_ssl_support ) || ( is_ssl() && ( preg_match( '%<(iframe|script|embed) [^>]*src="http://%', $parsed ) ||
preg_match( '%<link [^>]*href="http://%', $parsed ) ) ) ) {
// Admin is ssl and the embed is not. Iframes, scripts, and other "active content" will be blocked.
@ -3014,10 +3013,23 @@ function wp_ajax_parse_embed() {
) );
}
wp_send_json_success( array(
$return = array(
'body' => $parsed,
'attr' => $wp_embed->last_attr
) );
);
if ( strpos( $parsed, 'class="wp-embedded-content' ) ) {
if ( defined( 'SCRIPT_DEBUG' ) && SCRIPT_DEBUG ) {
$script_src = includes_url( 'js/wp-embed.js' );
} else {
$script_src = includes_url( 'js/wp-embed.min.js' );
}
$return['head'] = '<script src="' . $script_src . '"></script>';
$return['sandbox'] = true;
}
wp_send_json_success( $return );
}
/**

View File

@ -417,7 +417,6 @@ final class _WP_Editors {
'wpdialogs',
'wptextpattern',
'wpview',
'wpembed',
);
if ( ! self::$has_medialib ) {

View File

@ -468,7 +468,7 @@
* @param {Boolean} rendered Only set for (un)rendered nodes. Optional.
*/
setContent: function( content, callback, rendered ) {
if ( _.isObject( content ) && content.body.indexOf( '<script' ) !== -1 ) {
if ( _.isObject( content ) && ( content.sandbox || content.head || content.body.indexOf( '<script' ) !== -1 ) ) {
this.setIframes( content.head || '', content.body, callback, rendered );
} else if ( _.isString( content ) && content.indexOf( '<script' ) !== -1 ) {
this.setIframes( '', content, callback, rendered );
@ -584,6 +584,9 @@
'display: none;' +
'content: "";' +
'}' +
'iframe {' +
'max-width: 100%;' +
'}' +
'</style>' +
'</head>' +
'<body id="wpview-iframe-sandbox" class="' + bodyClasses + '">' +
@ -623,25 +626,35 @@
}
function reload() {
if ( ! editor.isHidden() ) {
$( node ).data( 'rendered', null );
setTimeout( function() {
wp.mce.views.render();
} );
}
}
function addObserver() {
observer = new MutationObserver( _.debounce( resize, 100 ) );
observer.observe( iframeDoc.body, {
attributes: true,
childList: true,
subtree: true
} );
}
$( iframeWin ).on( 'load', resize ).on( 'unload', reload );
MutationObserver = iframeWin.MutationObserver || iframeWin.WebKitMutationObserver || iframeWin.MozMutationObserver;
if ( MutationObserver ) {
observer = new MutationObserver( _.debounce( resize, 100 ) );
observer.observe( iframeDoc.body, {
attributes: true,
childList: true,
subtree: true
} );
if ( ! iframeDoc.body ) {
iframeDoc.addEventListener( 'DOMContentLoaded', addObserver, false );
} else {
addObserver();
}
} else {
for ( i = 1; i < 6; i++ ) {
setTimeout( resize, i * 700 );

View File

@ -1,17 +0,0 @@
(function ( tinymce ) {
'use strict';
tinymce.PluginManager.add( 'wpembed', function ( editor, url ) {
editor.on( 'init', function () {
var scriptId = editor.dom.uniqueId();
var scriptElm = editor.dom.create( 'script', {
id: scriptId,
type: 'text/javascript',
src: url + '/../../../wp-embed.js'
} );
editor.getDoc().getElementsByTagName( 'head' )[ 0 ].appendChild( scriptElm );
} );
} );
})( window.tinymce );