The embedded iframe filter doesn't support scheme-relative URLs such as "//youtube.com" (now used in the YouTube and Vimeo embed code)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Mahara |
Fix Released
|
High
|
Robert Lyon | ||
1.6 |
Fix Released
|
High
|
Robert Lyon | ||
1.7 |
Fix Released
|
High
|
Robert Lyon | ||
1.8 |
Fix Released
|
High
|
Robert Lyon |
Bug Description
In response to FireFox's change in not supporting iframes with a http/https protocol that doesn't match the protocol of the parent page, YouTube's embed code now lists protocol-relative URLs. These start with "//www.
Since we already store the allowed iframe domains without a protocol in front of them, we should also support these protocol-relative URLs.
To replicate:
1. Open up a YouTube video on youtube.com
2. Click "Share" and then "Embed"
3. Make sure you have NOT ticked the "Use old embed code" box
4. You should get an iframe embed code, like this: <iframe width="420" height="315" src="//
5. Paste this into an external media block or a text block in Mahara
Expected result: You should be able to view the video once you've saved the block
Actual result: The block will not display the video
Changed in mahara: | |
status: | In Progress → Fix Committed |
description: | updated |
description: | updated |
Changed in mahara: | |
status: | In Progress → Fix Committed |
summary: |
- YouTube iframe filter doesn't support the //youtube.com URLs YouTube now - provides in embed code + The embedded iframe filter doesn't support scheme-relative URLs such as + "//youtube.com" (now used in the YouTube and Vimeo embed code) |
Changed in mahara: | |
milestone: | 1.5.12 → 1.8.0 |
Changed in mahara: | |
status: | Fix Committed → Fix Released |
Patch submitted /reviews. mahara. org/#/c/ 2384/
https:/
This checks if the iframe code is from youtube and inserts the correct protocol needed.