From 1c237a4dd8d7ab1388884b8771852422f872e018 Mon Sep 17 00:00:00 2001
From: Benjamin Franzke <bfr@qbus.de>
Date: Thu, 17 Nov 2016 06:54:21 +0100
Subject: [PATCH] [BUGFIX] YouTubeRenderer: urlencode the origin parameter
Commit 84ab413 (https://review.typo3.org/49416) fixed the origin
parameter to include the full host (and thus the scheme).
The full host url was not urlencoded. As the scheme contains
slashes this has to be encoded as well.
Change-Id: Ifb73dfc11ef723049729e0475eb6ac234db6a3eb
Releases: master, 7.6
Resolves: #78728
Reviewed-on: https://review.typo3.org/50686
Reviewed-by: Markus Klein <markus.klein@typo3.org>
Tested-by: Markus Klein <markus.klein@typo3.org>
Tested-by: TYPO3com <no-reply@typo3.com>
Reviewed-by: Frans Saris <franssaris@gmail.com>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
---
.../Classes/Resource/Rendering/YouTubeRenderer.php | 2 +-
.../Unit/Resource/Rendering/YouTubeRendererTest.php | 12 ++++++------
2 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/typo3/sysext/core/Classes/Resource/Rendering/YouTubeRenderer.php b/typo3/sysext/core/Classes/Resource/Rendering/YouTubeRenderer.php
index f0e1b88d4dcb..68ba3de031c1 100644
--- a/typo3/sysext/core/Classes/Resource/Rendering/YouTubeRenderer.php
+++ b/typo3/sysext/core/Classes/Resource/Rendering/YouTubeRenderer.php
@@ -119,7 +119,7 @@ class YouTubeRenderer implements FileRendererInterface
$urlParams[] = 'rel=' . (int)(bool)$options['relatedVideos'];
}
if (!isset($options['enablejsapi']) || !empty($options['enablejsapi'])) {
- $urlParams[] = 'enablejsapi=1&origin=' . GeneralUtility::getIndpEnv('TYPO3_REQUEST_HOST');
+ $urlParams[] = 'enablejsapi=1&origin=' . rawurlencode(GeneralUtility::getIndpEnv('TYPO3_REQUEST_HOST'));
}
$urlParams[] = 'showinfo=' . (int)!empty($options['showinfo']);
diff --git a/typo3/sysext/core/Tests/Unit/Resource/Rendering/YouTubeRendererTest.php b/typo3/sysext/core/Tests/Unit/Resource/Rendering/YouTubeRendererTest.php
index d837da34e240..3b5487a592c2 100644
--- a/typo3/sysext/core/Tests/Unit/Resource/Rendering/YouTubeRendererTest.php
+++ b/typo3/sysext/core/Tests/Unit/Resource/Rendering/YouTubeRendererTest.php
@@ -94,7 +94,7 @@ class YouTubeRendererTest extends UnitTestCase
$fileResourceMock = $this->createMock(File::class);
$this->assertSame(
- '<iframe src="https://www.youtube.com/embed/7331?autohide=1&controls=2&enablejsapi=1&origin=http://test.server.org&showinfo=0" allowfullscreen width="300" height="200"></iframe>',
+ '<iframe src="https://www.youtube.com/embed/7331?autohide=1&controls=2&enablejsapi=1&origin=http%3A%2F%2Ftest.server.org&showinfo=0" allowfullscreen width="300" height="200"></iframe>',
$this->subject->render($fileResourceMock, '300m', '200')
);
}
@@ -108,7 +108,7 @@ class YouTubeRendererTest extends UnitTestCase
$fileResourceMock = $this->createMock(File::class);
$this->assertSame(
- '<iframe src="https://www.youtube.com/embed/7331?autohide=1&controls=2&loop=1&playlist=7331&enablejsapi=1&origin=http://test.server.org&showinfo=0" allowfullscreen width="300" height="200"></iframe>',
+ '<iframe src="https://www.youtube.com/embed/7331?autohide=1&controls=2&loop=1&playlist=7331&enablejsapi=1&origin=http%3A%2F%2Ftest.server.org&showinfo=0" allowfullscreen width="300" height="200"></iframe>',
$this->subject->render($fileResourceMock, '300m', '200', ['loop' => 1])
);
}
@@ -122,7 +122,7 @@ class YouTubeRendererTest extends UnitTestCase
$fileResourceMock = $this->createMock(File::class);
$this->assertSame(
- '<iframe src="https://www.youtube.com/embed/7331?autohide=1&controls=2&autoplay=1&enablejsapi=1&origin=http://test.server.org&showinfo=0" allowfullscreen width="300" height="200"></iframe>',
+ '<iframe src="https://www.youtube.com/embed/7331?autohide=1&controls=2&autoplay=1&enablejsapi=1&origin=http%3A%2F%2Ftest.server.org&showinfo=0" allowfullscreen width="300" height="200"></iframe>',
$this->subject->render($fileResourceMock, '300m', '200', ['autoplay' => 1])
);
}
@@ -141,7 +141,7 @@ class YouTubeRendererTest extends UnitTestCase
$fileReferenceMock->expects($this->any())->method('getOriginalFile')->willReturn($fileResourceMock);
$this->assertSame(
- '<iframe src="https://www.youtube.com/embed/7331?autohide=1&controls=2&autoplay=1&enablejsapi=1&origin=http://test.server.org&showinfo=0" allowfullscreen width="300" height="200"></iframe>',
+ '<iframe src="https://www.youtube.com/embed/7331?autohide=1&controls=2&autoplay=1&enablejsapi=1&origin=http%3A%2F%2Ftest.server.org&showinfo=0" allowfullscreen width="300" height="200"></iframe>',
$this->subject->render($fileReferenceMock, '300m', '200')
);
}
@@ -155,7 +155,7 @@ class YouTubeRendererTest extends UnitTestCase
$fileResourceMock = $this->createMock(File::class);
$this->assertSame(
- '<iframe src="https://www.youtube.com/embed/7331?autohide=1&autoplay=1&enablejsapi=1&origin=http://test.server.org&showinfo=0" allowfullscreen width="300" height="200"></iframe>',
+ '<iframe src="https://www.youtube.com/embed/7331?autohide=1&autoplay=1&enablejsapi=1&origin=http%3A%2F%2Ftest.server.org&showinfo=0" allowfullscreen width="300" height="200"></iframe>',
$this->subject->render($fileResourceMock, '300m', '200', ['controls' => 0, 'autoplay' => 1])
);
}
@@ -169,7 +169,7 @@ class YouTubeRendererTest extends UnitTestCase
$fileResourceMock = $this->createMock(File::class);
$this->assertSame(
- '<iframe src="https://www.youtube.com/embed/7331?autohide=1&controls=2&rel=0&enablejsapi=1&origin=http://test.server.org&showinfo=0" allowfullscreen width="300" height="200"></iframe>',
+ '<iframe src="https://www.youtube.com/embed/7331?autohide=1&controls=2&rel=0&enablejsapi=1&origin=http%3A%2F%2Ftest.server.org&showinfo=0" allowfullscreen width="300" height="200"></iframe>',
$this->subject->render($fileResourceMock, '300m', '200', ['relatedVideos' => 0])
);
}
--
GitLab