Use iframe for crossite loading instead of CORS header

[friendica-addons.git] / widgets / widgets.php

diff --git a/widgets/widgets.php b/widgets/widgets.php
index cedaea34b1ca7167d9a99ca00bfcb22e6cce3be2..226a34c060f88c519469c832f1a1f209172e44e0 100644 (file)
--- a/widgets/widgets.php
+++ b/widgets/widgets.php
@@ -72,6 +72,10 @@ function _abs_url($s){
        return preg_replace("|href=(['\"])([^h][^t][^t][^p])|", "href=\$1".$a->get_baseurl()."/\$2", $s);
 }
 
+function _randomAlphaNum($length){
+       return substr(str_shuffle(str_repeat('ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789',$length)),0,$length);
+} 
+
 
 function widgets_content(&$a) {
 
@@ -106,7 +110,7 @@ function widgets_content(&$a) {
 
        //echo "<pre>"; var_dump($a->argv); die();
        if ($a->argv[2]=="cb"){
-               header('Access-Control-Allow-Origin: *');
+               /*header('Access-Control-Allow-Origin: *');*/
                $o .= call_user_func($a->argv[1].'_widget_content',$a, $conf);
                
        } else {
@@ -126,15 +130,19 @@ function widgets_content(&$a) {
                }
        
        
-
+               
+               $widget_size = call_user_func($a->argv[1].'_widget_size');
        
                $script = file_get_contents(dirname(__file__)."/widgets.js");
                $o .= replace_macros($script, array(
                        '$entrypoint' => $a->get_baseurl()."/widgets/".$a->argv[1]."/cb/",
                        '$key' => $conf['key'],
-                       '$widget_id' => 'f9a_'.$a->argv[1]."_". ceil(microtime(true)*100),
+                       '$widget_id' => 'f9a_'.$a->argv[1]."_"._randomAlphaNum(6),
                        '$loader' => $a->get_baseurl()."/images/rotator.gif",
                        '$args' => (isset($_GET['a'])?$_GET['a']:''),
+                       '$width' => $widget_size[0],
+                       '$height' => $widget_size[1],
+                       '$type' => $a->argv[1],
                ));