3 if (!defined('GNUSOCIAL')) { exit(1); }
5 class OembedPlugin extends Plugin
7 // settings which can be set in config.php with addPlugin('Oembed', array('param'=>'value', ...));
8 // WARNING, these are _regexps_ (slashes added later). Always escape your dots and end your strings
9 public $domain_whitelist = array( // hostname => service provider
10 '^i\d*\.ytimg\.com$' => 'YouTube',
11 '^i\d*\.vimeocdn\.com$' => 'Vimeo',
13 public $append_whitelist = array(); // fill this array as domain_whitelist to add more trusted sources
14 public $check_whitelist = false; // security/abuse precaution
16 protected $imgData = array();
18 // these should be declared protected everywhere
19 public function initialize()
23 $this->domain_whitelist = array_merge($this->domain_whitelist, $this->append_whitelist);
26 public function onCheckSchema()
28 $schema = Schema::get();
29 $schema->ensureTable('file_oembed', File_oembed::schemaDef());
33 public function onRouterInitialized(URLMapper $m)
35 $m->connect('main/oembed', array('action' => 'oembed'));
38 public function onEndShowHeadElements(Action $action)
40 switch ($action->getActionName()) {
42 $action->element('link',array('rel'=>'alternate',
43 'type'=>'application/json+oembed',
44 'href'=>common_local_url(
47 array('format'=>'json', 'url'=>
48 common_local_url('attachment',
49 array('attachment' => $action->attachment->id)))),
50 'title'=>'oEmbed'),null);
51 $action->element('link',array('rel'=>'alternate',
52 'type'=>'text/xml+oembed',
53 'href'=>common_local_url(
56 array('format'=>'xml','url'=>
57 common_local_url('attachment',
58 array('attachment' => $action->attachment->id)))),
59 'title'=>'oEmbed'),null);
63 $action->element('link',array('rel'=>'alternate',
64 'type'=>'application/json+oembed',
65 'href'=>common_local_url(
68 array('format'=>'json','url'=>$action->notice->getUrl())),
69 'title'=>'oEmbed'),null);
70 $action->element('link',array('rel'=>'alternate',
71 'type'=>'text/xml+oembed',
72 'href'=>common_local_url(
75 array('format'=>'xml','url'=>$action->notice->getUrl())),
76 'title'=>'oEmbed'),null);
77 } catch (InvalidUrlException $e) {
78 // The notice is probably a share or similar, which don't
79 // have a representational URL of their own.
88 * Save embedding information for a File, if applicable.
90 * Normally this event is called through File::saveNew()
92 * @param File $file The newly inserted File object.
93 * @param array $redir_data lookup data eg from File_redirection::where()
94 * @param string $given_url
96 * @return boolean success
98 public function onEndFileSaveNew(File $file, array $redir_data, $given_url)
100 $fo = File_oembed::getKV('file_id', $file->id);
101 if ($fo instanceof File_oembed) {
102 common_log(LOG_WARNING, "Strangely, a File_oembed object exists for new file {$file->id}", __FILE__);
106 if (isset($redir_data['oembed']['json'])
107 && !empty($redir_data['oembed']['json'])) {
108 File_oembed::saveNew($redir_data['oembed']['json'], $file->id);
109 } elseif (isset($redir_data['type'])
110 && (('text/html' === substr($redir_data['type'], 0, 9)
111 || 'application/xhtml+xml' === substr($redir_data['type'], 0, 21)))) {
114 $oembed_data = File_oembed::_getOembed($given_url);
115 if ($oembed_data === false) {
116 throw new Exception('Did not get oEmbed data from URL');
118 } catch (Exception $e) {
122 File_oembed::saveNew($oembed_data, $file->id);
127 public function onEndShowAttachmentLink(HTMLOutputter $out, File $file)
129 $oembed = File_oembed::getKV('file_id', $file->id);
130 if (empty($oembed->author_name) && empty($oembed->provider)) {
133 $out->elementStart('div', array('id'=>'oembed_info', 'class'=>'e-content'));
134 if (!empty($oembed->author_name)) {
135 $out->elementStart('div', 'fn vcard author');
136 if (empty($oembed->author_url)) {
137 $out->text($oembed->author_name);
139 $out->element('a', array('href' => $oembed->author_url,
141 $oembed->author_name);
144 if (!empty($oembed->provider)) {
145 $out->elementStart('div', 'fn vcard');
146 if (empty($oembed->provider_url)) {
147 $out->text($oembed->provider);
149 $out->element('a', array('href' => $oembed->provider_url,
154 $out->elementEnd('div');
157 public function onFileEnclosureMetadata(File $file, &$enclosure)
159 // Never treat generic HTML links as an enclosure type!
160 // But if we have oEmbed info, we'll consider it golden.
161 $oembed = File_oembed::getKV('file_id', $file->id);
162 if (!$oembed instanceof File_oembed || !in_array($oembed->type, array('photo', 'video'))) {
166 foreach (array('mimetype', 'url', 'title', 'modified') as $key) {
167 if (!empty($oembed->{$key})) {
168 $enclosure->{$key} = $oembed->{$key};
174 public function onStartShowAttachmentRepresentation(HTMLOutputter $out, File $file)
177 $oembed = File_oembed::getByFile($file);
178 } catch (NoResultException $e) {
182 switch ($oembed->type) {
186 if (!empty($oembed->html)
187 && (GNUsocial::isAjax() || common_config('attachments', 'show_html'))) {
188 require_once INSTALLDIR.'/extlib/htmLawed/htmLawed.php';
191 'elements'=>'*+object+embed');
192 $out->raw(htmLawed($oembed->html,$config));
197 $out->element('img', array('src' => $oembed->url, 'width' => $oembed->width, 'height' => $oembed->height, 'alt' => 'alt'));
201 Event::handle('ShowUnsupportedAttachmentRepresentation', array($out, $file));
205 public function onCreateFileImageThumbnailSource(File $file, &$imgPath, $media=null)
207 // If we are on a private node, we won't do any remote calls (just as a precaution until
208 // we can configure this from config.php for the private nodes)
209 if (common_config('site', 'private')) {
213 // All our remote Oembed images lack a local filename property in the File object
214 if (!is_null($file->filename)) {
219 // If we have proper oEmbed data, there should be an entry in the File_oembed
220 // and File_thumbnail tables respectively. If not, we're not going to do anything.
221 $file_oembed = File_oembed::getByFile($file);
222 $thumbnail = File_thumbnail::byFile($file);
223 } catch (Exception $e) {
224 // Not Oembed data, or at least nothing we either can or want to use.
229 $this->storeRemoteFileThumbnail($thumbnail);
230 } catch (AlreadyFulfilledException $e) {
234 $imgPath = $thumbnail->getPath();
240 * @return boolean false on no check made, provider name on success
241 * @throws ServerException if check is made but fails
243 protected function checkWhitelist($url)
245 if (!$this->check_whitelist) {
246 return false; // indicates "no check made"
249 $host = parse_url($url, PHP_URL_HOST);
250 foreach ($this->domain_whitelist as $regex => $provider) {
251 if (preg_match("/$regex/", $host)) {
252 return $provider; // we trust this source, return provider name
256 throw new ServerException(sprintf(_('Domain not in remote thumbnail source whitelist: %s'), $host));
259 protected function storeRemoteFileThumbnail(File_thumbnail $thumbnail)
261 if (!empty($thumbnail->filename) && file_exists($thumbnail->getPath())) {
262 throw new AlreadyFulfilledException(sprintf('A thumbnail seems to already exist for remote file with id==%u', $thumbnail->file_id));
265 $url = $thumbnail->getUrl();
266 $this->checkWhitelist($url);
268 // First we download the file to memory and test whether it's actually an image file
269 // FIXME: To support remote video/whatever files, this needs reworking.
270 common_debug(sprintf('Downloading remote thumbnail for file id==%u with thumbnail URL: %s', $thumbnail->file_id, $url));
271 $imgData = HTTPClient::quickGet($url);
272 $info = @getimagesizefromstring($imgData);
273 if ($info === false) {
274 throw new UnsupportedMediaException(_('Remote file format was not identified as an image.'), $url);
275 } elseif (!$info[0] || !$info[1]) {
276 throw new UnsupportedMediaException(_('Image file had impossible geometry (0 width or height)'));
279 // We'll trust sha256 (File::FILEHASH_ALG) not to have collision issues any time soon :)
280 $filename = hash(File::FILEHASH_ALG, $imgData) . '.' . common_supported_mime_to_ext($info['mime']);
281 $fullpath = File_thumbnail::path($filename);
282 // Write the file to disk. Throw Exception on failure
283 if (!file_exists($fullpath) && file_put_contents($fullpath, $imgData) === false) {
284 throw new ServerException(_('Could not write downloaded file to disk.'));
286 // Get rid of the file from memory
289 // Updated our database for the file record
290 $orig = clone($thumbnail);
291 $thumbnail->filename = $filename;
292 $thumbnail->width = $info[0]; // array indexes documented on php.net:
293 $thumbnail->height = $info[1]; // https://php.net/manual/en/function.getimagesize.php
294 // Throws exception on failure.
295 $thumbnail->updateWithKeys($orig, 'file_id');
298 public function onPluginVersion(array &$versions)
300 $versions[] = array('name' => 'Oembed',
301 'version' => GNUSOCIAL_VERSION,
302 'author' => 'Mikael Nordfeldth',
303 'homepage' => 'http://gnu.io/',
305 // TRANS: Plugin description.
306 _m('Plugin for using and representing Oembed data.'));