zhangyuheng/MrDoc
1
0
Fork 0
forked from mirror/MrDoc
Code Pull Requests Activity

取消iframe白名单相关配置及功能

Browse Source
This commit is contained in:
zmister 2022-11-09 21:10:15 +08:00
parent d746d67f80
commit da9b212e54
3 changed files with 3 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
app_admin/views.py
View File

@ -1357,12 +1357,6 @@ def admin_setting(request):
return render(request, 'app_admin/admin_setting.html',locals())
# 文档全局设置
elif types == 'doc':
# iframe白名单
iframe_whitelist = request.POST.get('iframe_whitelist','')
SysSetting.objects.update_or_create(
name = 'iframe_whitelist',
defaults = {'value':iframe_whitelist,'types':'doc'}
)
# 上传图片大小
img_size = request.POST.get('img_size', 10)
try:

31
static/editor.md/editormd.js
View File

@ -3624,26 +3624,10 @@
// console.log(text)
switch(text){
case '=video':
if(href.match(/^.+.(mp4|m4v|ogg|ogv|webm)$/)){
return "<video src='"+ href + "' controls='controls' preload width=500></video>"
}else{
for(var i = 0; i< iframe_whitelist.length; i++){
if(href.match(iframe_whitelist[i])){
return "<video src='"+ href + "' controls='controls' preload width=500></video>"
}
}
}
return "<video src='"+ href + "' controls='controls' preload width=500></video>"
break;
case '=audio':
if(href.match(/^.+.(mp3|wav|flac|m4a)$/)){
return "<audio src='"+ href + "' controls='controls'></audio>"
}else{
for(var i = 0; i< iframe_whitelist.length; i++){
if(href.match(iframe_whitelist[i])){
return "<audio src='"+ href + "' controls='controls'></audio>"
}
}
}
return "<audio src='"+ href + "' controls='controls'></audio>"
break;
case '=video_iframe':
const youtubeMatch = href.match(/\/\/(?:www\.)?(?:youtu\.be\/|youtube\.com\/(?:embed\/|v\/|watch\?v=|watch\?.+&v=))([\w|-]{11})(?:(?:[\?&]t=)(\S+))?/);
@ -3672,16 +3656,7 @@
} else if (tedMatch && tedMatch[1]) {
return `<iframe height=400 width=500 frameborder=0 allowfullscreen src="//embed.ted.com/talks/${tedMatch[1]}"></iframe>`
}else{
if(iframe_whitelist.length == 1 && iframe_whitelist[0] == ""){
return href
}else{
for(var i = 0; i< iframe_whitelist.length; i++){
if(href.match(iframe_whitelist[i])){
return '<iframe height=400 width=500 src="' + href +'" frameborder=0 allowfullscreen />'
}
}
}
return '<iframe height=400 width=500 src="' + href +'" frameborder=0 allowfullscreen />'
}
break;
}

10
template/app_admin/admin_setting.html
View File

@ -249,16 +249,6 @@
<form action="" method="post" class="layui-form">
{% csrf_token %}
<input type="text" name="type" hidden value="doc">
<div class="layui-form-item" style="" id="role-user">
<label class="layui-form-label">ifrme白名单</label>
<div class="layui-input-inline">
<div class="tagsinput-primary form-group">
<input name="iframe_whitelist" id="iframe_whitelist" class="tagsinput" data-role="tagsinput" value="{% if iframe_whitelist != '' %}{{iframe_whitelist}}{% endif %}" placeholder="请输入域名">
</div>
</div>
<div class="layui-form-mid layui-word-aux">默认支持YouTube、优酷、QQ视频、Facebook、哔哩哔哩、TED网站仅用于EditorMD编辑器模式</div>
</div>
<div class="layui-form-item" style="" id="role-user">
<label class="layui-form-label">图片大小</label>
<div class="layui-input-inline">