Skip to content

Commit

Permalink
[!!!][TASK] Use no-cookie domain for youtube by default
Browse files Browse the repository at this point in the history 
Improve the privacy of users by using the no-cookie domain of youtube
by default and just use youtube.com if explicitly set.

Resolves: #84843
Releases: master, 8.7, 7.6
Change-Id: I01472f93e32c2011b5494c4670d07f29348016c3
Reviewed-on: https://review.typo3.org/56929
Tested-by: TYPO3com <no-reply@typo3.com>
Reviewed-by: Markus Klein <markus.klein@typo3.org>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
  • Loading branch information
@georgringer
georgringer committed May 12, 2018
1 parent dd667bb commit 554b3af
Show file tree
Hide file tree
Showing 5 changed files with 89 additions and 23 deletions.
2 changes: 1 addition & 1 deletion typo3/sysext/core/Classes/Resource/Rendering/YouTubeRenderer.php
View file
Expand Up @@ -127,7 +127,7 @@ public function render(FileInterface $file, $width, $height, array $options = nu

$src = sprintf(
'https://www.youtube%s.com/embed/%s?%s',
!empty($options['no-cookie']) ? '-nocookie' : '',
!isset($options['no-cookie']) || !empty($options['no-cookie']) ? '-nocookie' : '',
$videoId,
implode('&amp;', $urlParams)
);
Expand Down
49 changes: 49 additions & 0 deletions ...tation/Changelog/7.6.x/Breaking-84843-UseNo-cookieDomainForYoutubeByDefault.rst
View file
@@ -0,0 +1,49 @@
.. include:: ../../Includes.txt

==============================================================
Breaking: #84843 - Use no-cookie domain for youtube by default
==============================================================

See :issue:`84843`

Description
===========

To improve the privacy of users the renderer for YouTube videos has been changed to use
the no-cookie domain `www.youtube-nocookie.com` by default. The regular domain `www.youtube.com`
is used if explicitly set by the following TypoScript configuration:

.. code-block:: typoscript
lib.contentElement {
settings {
media {
additionalConfig {
no-cookie = 0
}
}
}
}
Impact
======

The TypoScript configuration :ts:`lib.contentElement.settings.media.additionalConfig` is used
as attribute :php:`additionalConfig` of the ViewHelper :php:`\TYPO3\CMS\Fluid\ViewHelpers\MediaViewHelper`.

If no configuration is provided, the domain `www.youtube-nocookie.com` is used.


Affected Installations
======================

Installations which require the usage of the domain `www.youtube.com` or setting cookies by YouTube.


Migration
=========

Use the TypoScript configuration :ts:`lib.contentElement.settings.media.additionalConfig.no-cookie = 0`

.. index:: TypoScript, ext:fluid_styled_content
56 changes: 35 additions & 21 deletions typo3/sysext/core/Tests/Unit/Resource/Rendering/YouTubeRendererTest.php
View file
Expand Up @@ -93,7 +93,7 @@ public function renderOutputWithLoopIsCorrect()
$fileResourceMock = $this->createMock(File::class);

$this->assertSame(
'<iframe src="https://www.youtube.com/embed/7331?autohide=1&amp;controls=2&amp;loop=1&amp;playlist=7331&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
'<iframe src="https://www.youtube-nocookie.com/embed/7331?autohide=1&amp;controls=2&amp;loop=1&amp;playlist=7331&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
$this->subject->render($fileResourceMock, '300m', '200', ['loop' => 1])
);
}
Expand All @@ -107,7 +107,7 @@ public function renderOutputWithAutoplayIsCorrect()
$fileResourceMock = $this->createMock(File::class);

$this->assertSame(
'<iframe src="https://www.youtube.com/embed/7331?autohide=1&amp;controls=2&amp;autoplay=1&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
'<iframe src="https://www.youtube-nocookie.com/embed/7331?autohide=1&amp;controls=2&amp;autoplay=1&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
$this->subject->render($fileResourceMock, '300m', '200', ['autoplay' => 1])
);
}
Expand All @@ -126,7 +126,7 @@ public function renderOutputWithAutoplayFromFileReferenceIsCorrect()
$fileReferenceMock->expects($this->any())->method('getOriginalFile')->willReturn($fileResourceMock);

$this->assertSame(
'<iframe src="https://www.youtube.com/embed/7331?autohide=1&amp;controls=2&amp;autoplay=1&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
'<iframe src="https://www.youtube-nocookie.com/embed/7331?autohide=1&amp;controls=2&amp;autoplay=1&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
$this->subject->render($fileReferenceMock, '300m', '200')
);
}
Expand All @@ -140,7 +140,7 @@ public function renderOutputWithAutoplayAndWithoutControlsIsCorrect()
$fileResourceMock = $this->createMock(File::class);

$this->assertSame(
'<iframe src="https://www.youtube.com/embed/7331?autohide=1&amp;controls=0&amp;autoplay=1&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
'<iframe src="https://www.youtube-nocookie.com/embed/7331?autohide=1&amp;controls=0&amp;autoplay=1&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
$this->subject->render($fileResourceMock, '300m', '200', ['controls' => 0, 'autoplay' => 1])
);
}
Expand All @@ -149,67 +149,67 @@ public function renderOutputWithControlsDataProvider()
{
return [
'no options given' => [
'<iframe src="https://www.youtube.com/embed/7331?autohide=1&amp;controls=2&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
'<iframe src="https://www.youtube-nocookie.com/embed/7331?autohide=1&amp;controls=2&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
null
],
'with option controls = foo as invalid string' => [
'<iframe src="https://www.youtube.com/embed/7331?autohide=1&amp;controls=2&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
'<iframe src="https://www.youtube-nocookie.com/embed/7331?autohide=1&amp;controls=2&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
['controls' => 'foo']
],
'with option controls = true as string' => [
'<iframe src="https://www.youtube.com/embed/7331?autohide=1&amp;controls=2&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
'<iframe src="https://www.youtube-nocookie.com/embed/7331?autohide=1&amp;controls=2&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
['controls' => 'true']
],
'with option controls = false as string' => [
'<iframe src="https://www.youtube.com/embed/7331?autohide=1&amp;controls=2&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
'<iframe src="https://www.youtube-nocookie.com/embed/7331?autohide=1&amp;controls=2&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
['controls' => 'false']
],
'with option controls = true as boolean' => [
'<iframe src="https://www.youtube.com/embed/7331?autohide=1&amp;controls=1&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
'<iframe src="https://www.youtube-nocookie.com/embed/7331?autohide=1&amp;controls=1&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
['controls' => true]
],
'with option controls = false as boolean' => [
'<iframe src="https://www.youtube.com/embed/7331?autohide=1&amp;controls=2&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
'<iframe src="https://www.youtube-nocookie.com/embed/7331?autohide=1&amp;controls=2&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
['controls' => false]
],
'with option controls = 0 as string' => [
'<iframe src="https://www.youtube.com/embed/7331?autohide=1&amp;controls=0&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
'<iframe src="https://www.youtube-nocookie.com/embed/7331?autohide=1&amp;controls=0&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
['controls' => '0']
],
'with option controls = 1 as string' => [
'<iframe src="https://www.youtube.com/embed/7331?autohide=1&amp;controls=1&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
'<iframe src="https://www.youtube-nocookie.com/embed/7331?autohide=1&amp;controls=1&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
['controls' => '1']
],
'with option controls = 2 as string' => [
'<iframe src="https://www.youtube.com/embed/7331?autohide=1&amp;controls=2&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
'<iframe src="https://www.youtube-nocookie.com/embed/7331?autohide=1&amp;controls=2&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
['controls' => '2']
],
'with option controls = 3 as string' => [
'<iframe src="https://www.youtube.com/embed/7331?autohide=1&amp;controls=2&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
'<iframe src="https://www.youtube-nocookie.com/embed/7331?autohide=1&amp;controls=2&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
['controls' => '3']
],
'with option controls = negative number as string' => [
'<iframe src="https://www.youtube.com/embed/7331?autohide=1&amp;controls=0&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
'<iframe src="https://www.youtube-nocookie.com/embed/7331?autohide=1&amp;controls=0&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
['controls' => '-42']
],
'with option controls = 0 as int' => [
'<iframe src="https://www.youtube.com/embed/7331?autohide=1&amp;controls=0&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
'<iframe src="https://www.youtube-nocookie.com/embed/7331?autohide=1&amp;controls=0&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
['controls' => 0]
],
'with option controls = 1 as int' => [
'<iframe src="https://www.youtube.com/embed/7331?autohide=1&amp;controls=1&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
'<iframe src="https://www.youtube-nocookie.com/embed/7331?autohide=1&amp;controls=1&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
['controls' => 1]
],
'with option controls = 2 as int' => [
'<iframe src="https://www.youtube.com/embed/7331?autohide=1&amp;controls=2&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
'<iframe src="https://www.youtube-nocookie.com/embed/7331?autohide=1&amp;controls=2&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
['controls' => 2]
],
'with option controls = 3 as int' => [
'<iframe src="https://www.youtube.com/embed/7331?autohide=1&amp;controls=2&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
'<iframe src="https://www.youtube-nocookie.com/embed/7331?autohide=1&amp;controls=2&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
['controls' => 3]
],
'with option controls = negative number as int' => [
'<iframe src="https://www.youtube.com/embed/7331?autohide=1&amp;controls=0&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
'<iframe src="https://www.youtube-nocookie.com/embed/7331?autohide=1&amp;controls=0&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
['controls' => -42]
],
];
Expand Down Expand Up @@ -239,8 +239,22 @@ public function renderOutputWithRelatedVideosTurnedOffIsCorrect()
$fileResourceMock = $this->createMock(File::class);

$this->assertSame(
'<iframe src="https://www.youtube.com/embed/7331?autohide=1&amp;controls=2&amp;rel=0&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
'<iframe src="https://www.youtube-nocookie.com/embed/7331?autohide=1&amp;controls=2&amp;rel=0&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
$this->subject->render($fileResourceMock, '300m', '200', ['relatedVideos' => 0])
);
}

/**
* @test
*/
public function renderOutputWithDisabledNoCookieIsCorrect()
{
/** @var File|\PHPUnit_Framework_MockObject_MockObject $fileResourceMock */
$fileResourceMock = $this->createMock(File::class);

$this->assertSame(
'<iframe src="https://www.youtube.com/embed/7331?autohide=1&amp;controls=0&amp;enablejsapi=1&amp;origin=http%3A%2F%2Ftest.server.org&amp;showinfo=0" allowfullscreen width="300" height="200"></iframe>',
$this->subject->render($fileResourceMock, '300m', '200', ['controls' => 0, 'no-cookie' => 0])
);
}
}
3 changes: 3 additions & 0 deletions typo3/sysext/fluid_styled_content/Configuration/TypoScript/Helper/ContentElement.txt
View file
Expand Up @@ -32,6 +32,9 @@ lib.contentElement {
directImageLink = {$styles.content.textmedia.linkWrap.lightboxEnabled}
linkParams.ATagParams.dataWrap = class="{$styles.content.textmedia.linkWrap.lightboxCssClass}" rel="{$styles.content.textmedia.linkWrap.lightboxRelAttribute}"
}
additionalConfig {
no-cookie = 1
}
}
}
}
Expand Down
2 changes: 1 addition & 1 deletion typo3/sysext/fluid_styled_content/Resources/Private/Partials/Media/Rendering/Video.html
View file
@@ -1,3 +1,3 @@
<html xmlns:f="http://typo3.org/ns/TYPO3/CMS/Fluid/ViewHelpers" data-namespace-typo3-fluid="true">
<f:media class="video-embed-item" file="{file}" width="{dimensions.width}" height="{dimensions.height}" alt="{file.alternative}" title="{file.title}" />
<f:media class="video-embed-item" file="{file}" width="{dimensions.width}" height="{dimensions.height}" alt="{file.alternative}" title="{file.title}" additionalConfig="{settings.media.additionalConfig}" />
</html>

0 comments on commit 554b3af

Please sign in to comment.