harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

improve oembed cache security

Browse Source
This commit is contained in:
zotlabs 2016-12-19 15:38:42 -08:00
parent b1f4ea6206
commit 1798ebd395
1 changed files with 5 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
include/oembed.php
View File

@ -104,7 +104,7 @@ function oembed_action($embedurl) {
function oembed_process($url) { function oembed_process($url) {
$j = oembed_fetch_url($url); $j = oembed_fetch_url($url);
logger('oembed_process: ' . print_r($j,true)); logger('oembed_process: ' . print_r($j,true), LOGGER_DATA, LOG_DEBUG);
if($j && $j['type'] !== 'error') if($j && $j['type'] !== 'error')
return '[embed]' . $url . '[/embed]'; return '[embed]' . $url . '[/embed]';
return false; return false;
@ -135,19 +135,15 @@ function oembed_fetch_url($embedurl){
// we should try to cache this and avoid a lookup on each render // we should try to cache this and avoid a lookup on each render
$zrl = is_matrix_url($embedurl); $zrl = is_matrix_url($embedurl);
$furl = ((local_channel() && $zrl) ? zid($embedurl) : $embedurl);
if($action !== 'block') { if($action !== 'block') {
$txt = Zlib\Cache::get('[' . App::$videowidth . '] ' . $embedurl); $txt = Zlib\Cache::get('[' . App::$videowidth . '] ' . $furl);
} }
if(is_null($txt)) { if(is_null($txt)) {
$txt = ""; $txt = "";
$furl = $embedurl;
logger('local_channel: ' . local_channel());
if(local_channel() && $zrl)
$furl = zid($furl);
if ($action !== 'block') { if ($action !== 'block') {
// try oembed autodiscovery // try oembed autodiscovery
@ -206,11 +202,10 @@ function oembed_fetch_url($embedurl){
//save in cache //save in cache
if(! get_config('system','oembed_cache_disable')) if(! get_config('system','oembed_cache_disable'))
Zlib\Cache::set('[' . App::$videowidth . '] ' . $embedurl,$txt); Zlib\Cache::set('[' . App::$videowidth . '] ' . $furl, $txt);
} }
$j = json_decode($txt,true); $j = json_decode($txt,true);
if(! $j) if(! $j)