Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

REST API: Remove oEmbed proxy HTML filtering #13575

Merged
merged 3 commits into from Jan 30, 2019
Merged

REST API: Remove oEmbed proxy HTML filtering #13575

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
e794dc2
Plugin: Remove oEmbed proxy HTML filtering
aduth Jan 29, 2019
a943568
Plugin: Use updated Trac ticket link for oEmbed filter reference
aduth Jan 29, 2019
961e23f
Plugin: Use updated Trac ticket link for oEmbed filter reference
aduth Jan 29, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
61 changes: 20 additions & 41 deletions lib/rest-api.php
View file
Open in desktop
Expand Up @@ -21,12 +21,9 @@ function gutenberg_register_rest_routes() {
}

/**
* Make sure oEmbed REST Requests apply the WP Embed security mechanism for WordPress embeds.
* Handle a failing oEmbed proxy request to try embedding as a shortcode.
*
* @see https://core.trac.wordpress.org/ticket/32522
*
* TODO: This is a temporary solution. Next step would be to edit the WP_oEmbed_Controller,
* once merged into Core.
* @see https://core.trac.wordpress.org/ticket/45447
*
* @since 2.3.0
*
Expand All @@ -36,50 +33,32 @@ function gutenberg_register_rest_routes() {
* @return WP_HTTP_Response|object|WP_Error The REST Request response.
*/
function gutenberg_filter_oembed_result( $response, $handler, $request ) {
if ( 'GET' !== $request->get_method() ) {
if ( ! is_wp_error( $response ) || 'oembed_invalid_url' !== $response->get_error_code() ||
'/oembed/1.0/proxy' !== $request->get_route() ) {
return $response;
}

if ( is_wp_error( $response ) && 'oembed_invalid_url' !== $response->get_error_code() ) {
// Try using a classic embed instead.
global $wp_embed;
$html = $wp_embed->shortcode( array(), $_GET['url'] );
if ( ! $html ) {
return $response;
}

// External embeds.
if ( '/oembed/1.0/proxy' === $request->get_route() ) {
if ( is_wp_error( $response ) ) {
// It's possibly a local post, so lets try and retrieve it that way.
$post_id = url_to_postid( $_GET['url'] );
$data = get_oembed_response_data( $post_id, apply_filters( 'oembed_default_width', 600 ) );

if ( $data ) {
// It's a local post!
$response = (object) $data;
} else {
// Try using a classic embed, instead.
global $wp_embed;
$html = $wp_embed->shortcode( array(), $_GET['url'] );
if ( $html ) {
global $wp_scripts;
// Check if any scripts were enqueued by the shortcode, and
// include them in the response.
$enqueued_scripts = array();
foreach ( $wp_scripts->queue as $script ) {
$enqueued_scripts[] = $wp_scripts->registered[ $script ]->src;
}
return array(
'provider_name' => __( 'Embed Handler', 'gutenberg' ),
'html' => $html,
'scripts' => $enqueued_scripts,
);
}
}
}

// Make sure the HTML is run through the oembed sanitisation routines.
$response->html = wp_oembed_get( $_GET['url'], $_GET );
global $wp_scripts;

// Check if any scripts were enqueued by the shortcode, and include them in
// the response.
$enqueued_scripts = array();
foreach ( $wp_scripts->queue as $script ) {
$enqueued_scripts[] = $wp_scripts->registered[ $script ]->src;
}

return $response;
return array(
'provider_name' => __( 'Embed Handler', 'gutenberg' ),
'html' => $html,
'scripts' => $enqueued_scripts,
);
}
add_filter( 'rest_request_after_callbacks', 'gutenberg_filter_oembed_result', 10, 3 );

Expand Down