$metadata->thumbnail_url is not guaranteed to be set

[quix0rs-gnu-social.git] / plugins / Oembed / OembedPlugin.php

diff --git a/plugins/Oembed/OembedPlugin.php b/plugins/Oembed/OembedPlugin.php
index d17a1e68c3f77a4e5c9015362105e7a3efd6402e..44e4ac93180679d1baccba90fb6bb66bc74a25b8 100644 (file)
--- a/plugins/Oembed/OembedPlugin.php
+++ b/plugins/Oembed/OembedPlugin.php
@@ -73,18 +73,20 @@ class OembedPlugin extends Plugin
             $metadata = OpenGraphHelper::ogFromHtml($dom);
         }
 
-        // sometimes sites serve the path, not the full URL, for images
-        // let's "be liberal in what you accept from others"!
-        // add protocol and host if the thumbnail_url starts with /
-        if(substr($metadata->thumbnail_url,0,1) == '/') {
-            $thumbnail_url_parsed = parse_url($metadata->url);
-            $metadata->thumbnail_url = $thumbnail_url_parsed['scheme']."://".$thumbnail_url_parsed['host'].$metadata->thumbnail_url;
-        } 
+        if (isset($metadata->thumbnail_url)) {
+            // sometimes sites serve the path, not the full URL, for images
+            // let's "be liberal in what you accept from others"!
+            // add protocol and host if the thumbnail_url starts with /
+            if(substr($metadata->thumbnail_url,0,1) == '/') {
+                $thumbnail_url_parsed = parse_url($metadata->url);
+                $metadata->thumbnail_url = $thumbnail_url_parsed['scheme']."://".$thumbnail_url_parsed['host'].$metadata->thumbnail_url;
+            }
         
-        // some wordpress opengraph implementations sometimes return a white blank image
-        // no need for us to save that!
-        if($metadata->thumbnail_url == 'https://s0.wp.com/i/blank.jpg') {
-            unset($metadata->thumbnail_url);
+            // some wordpress opengraph implementations sometimes return a white blank image
+            // no need for us to save that!
+            if($metadata->thumbnail_url == 'https://s0.wp.com/i/blank.jpg') {
+                unset($metadata->thumbnail_url);
+            }
         }
 
     }
@@ -233,16 +235,14 @@ class OembedPlugin extends Plugin
 
         // the 'photo' type is shown through ordinary means, using StartShowAttachmentRepresentation!
         switch ($oembed->type) {
-        case 'rich':
         case 'video':
         case 'link':
             if (!empty($oembed->html)
                     && (GNUsocial::isAjax() || common_config('attachments', 'show_html'))) {
-                require_once INSTALLDIR.'/extlib/htmLawed/htmLawed.php';
-                $config = array(
-                    'safe'=>1,
-                    'elements'=>'*+object+embed');
-                $out->raw(htmLawed($oembed->html,$config));
+                require_once INSTALLDIR.'/extlib/HTMLPurifier/HTMLPurifier.auto.php';
+                $purifier = new HTMLPurifier();
+                // FIXME: do we allow <object> and <embed> here? we did that when we used htmLawed, but I'm not sure anymore...
+                $out->raw($purifier->purify($oembed->html));
             }
             return false;
             break;
@@ -269,7 +269,7 @@ class OembedPlugin extends Plugin
             // and File_thumbnail tables respectively. If not, we're not going to do anything.
             $file_oembed = File_oembed::getByFile($file);
             $thumbnail   = File_thumbnail::byFile($file);
-        } catch (Exception $e) {
+        } catch (NoResultException $e) {
             // Not Oembed data, or at least nothing we either can or want to use.
             return true;
         }