Open pieqq opened 10 years ago
Maybe add the iframe
element in helpers/ContentLoader.php
in function sanitizeContent()
.
I think thats not a good idea, because of security reasons.
Thank you guys for your comments. You're right @SSilence, after @niol explained how to show it, I understood it was removed for a reason...
Do you think it would be possible to show a placeholder where an element like a video was supposed to show? So I know I have to view the real article to see the video... Or even better, in the case of iframes from youtube/dailymotion/vimeo, to extract the URL of the video and show it, so the user just has to click on it to view the video.
What do you think?
For Youtube, an embed link looks like this:
<iframe width="420" height="315" src="//www.youtube.com/embed/clC6cgoh1sU" frameborder="0" allowfullscreen></iframe>
For Vimeo:
<iframe src="//player.vimeo.com/video/90312869" width="500" height="281" frameborder="0" webkitallowfullscreen mozallowfullscreen allowfullscreen></iframe> <p><a href="http://vimeo.com/90312869">360° Video using 6 GoPro Cameras - spherical panorama timelapse</a> from <a href="http://vimeo.com/j0n4s">j0n4s</a> on <a href="https://vimeo.com">Vimeo</a>.</p>
For Dailymotion:
<iframe frameborder="0" width="480" height="270" src="//www.dailymotion.com/embed/video/xqdlrf" allowfullscreen></iframe><br /><a href="http://www.dailymotion.com/video/xqdlrf_sintel_shortfilms" target="_blank">Sintel</a> <i>发布人 <a href="http://www.dailymotion.com/flattr" target="_blank">flattr</a></i>
Basically, all of them use an iframe
with a src
element.
Maybe it's possible to filter and display iframes only coming from youtube.com, vimeo.com and dailymotion.com for instance?
I would like to see this as well. In fact I would like full MRSS support.
I understand the potential for identifying location if you load videos directly. And also understand the security concerns surrounding the use of iframes.
But I think that those should be concerns left to the end user and an opt in option to allow videos or some content to be shown or parsed for rendering in the best way possible for the end users.
For security reasons this should be a whitelist, e.g. allow iframes with embed link of youtube, vimeo, ...
Good news! Thanks Tobias! Do you think this whitelist should be in the config file or in the Settings page?
Tested on Selfoss 2.10.
When a feed article contains a video, it is not displayed.
Example: http://www.lense.fr/blog/feed/
It contains the following item:
As you can see, inside the content there is an iframe and a link to the video (on Vimeo)
However, when I display the article, nothing is shown (I put a red eclipse where the video is supposed to be displayed):
Is there a way to display the videos in the RSS feeds?