Skip to content
This repository has been archived by the owner on Feb 28, 2022. It is now read-only.

Whitelist more embeds #703

Merged
merged 13 commits into from
May 13, 2020
Merged

Whitelist more embeds #703

merged 13 commits into from
May 13, 2020

Conversation

trieloff
Copy link
Contributor

@trieloff trieloff commented May 6, 2020
edited
Loading

Fix for #700 #701 and #702

For adobe/theblog#186

@codecov
Copy link

codecov bot commented May 6, 2020
edited
Loading

Codecov Report

Merging #703 into master will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@            Coverage Diff            @@
##            master      #703   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           60        60           
  Lines         1459      1459           
=========================================
  Hits          1459      1459

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update a4d82e8...a9c1205. Read the comment docs.

@trieloff trieloff requested review from kptdobe and rofe May 6, 2020 11:07
@github-actions
Copy link

github-actions bot commented May 6, 2020

This PR will trigger a minor release when merged.

kptdobe
kptdobe previously approved these changes May 6, 2020
View reviewed changes
Copy link
Contributor

@kptdobe kptdobe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok even if it does not fully solve the Vimeo + player case (see comment in #702) (more will be required)

rofe
rofe previously approved these changes May 6, 2020
View reviewed changes
Copy link
Contributor

@rofe rofe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we add Spotify as well?

@MarquiseRosier
Copy link
Contributor

MarquiseRosier commented May 6, 2020
edited
Loading

I think we should just get the list from IFramely so that we don't run into the issue of not supporting embeds, unless it's something we really don't support yet @trieloff we can just fetch this resource: http://iframe.ly/domains.json

@trieloff
Copy link
Contributor Author

trieloff commented May 6, 2020

I think using the iFramely whitelist is a good idea for helix pages. Let’s open another issue for that.

@MarquiseRosier
Copy link
Contributor

I think using the iFramely whitelist is a good idea for helix pages. Let’s open another issue for that.

Ok! :)

@rofe rofe dismissed stale reviews from kptdobe, stefan-guggisberg, and themself via 9d73286 May 12, 2020 16:36
@trieloff trieloff merged commit fddf265 into master May 13, 2020
@trieloff trieloff deleted the triple-embed-threat branch May 13, 2020 07:13
@adobe-bot
Copy link

🎉 This PR is included in version 7.1.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@rofe rofe rofe approved these changes

@MarquiseRosier MarquiseRosier MarquiseRosier approved these changes

@kptdobe kptdobe kptdobe left review comments

@stefan-guggisberg stefan-guggisberg stefan-guggisberg left review comments

Assignees
No one assigned
Labels
released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@trieloff @MarquiseRosier @adobe-bot @kptdobe @stefan-guggisberg @rofe