enmi-conf.org: comparison wp/wp-includes/js/wp-embed.js

Mercurial Mercurial > enmi-conf.org / comparison

summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help

wp/wp-includes/js/wp-embed.js

changeset 21	48c4eec2b7e6
parent 19	3d72ae0968f4

equal deleted inserted replaced

-:7b1b88e27a20
+:48c4eec2b7e6
 * WordPress inline HTML embed
 *
 * @since 4.4.0
 * @output wp-includes/js/wp-embed.js
 *
-* This file cannot have ampersands in it. This is to ensure
+* Single line comments should not be used since they will break
-* it can be embedded in older versions of WordPress.
+* the script when inlined in get_post_embed_html(), specifically
-* See https://core.trac.wordpress.org/changeset/35708.
+* when the comments are not stripped out due to SCRIPT_DEBUG
+* being turned on.
 */
 (function ( window, document ) {
 	'use strict';
-	var supportedBrowser = false,
+	/* Abort for ancient browsers. */
-		loaded = false;
+	if ( ! document.querySelector || ! window.addEventListener || typeof URL === 'undefined' ) {
+		return;
-		if ( document.querySelector ) {
+	}
-			if ( window.addEventListener ) {
-				supportedBrowser = true;
-			}
-		}
 	/** @namespace wp */
 	window.wp = window.wp || {};
+	/* Abort if script was already executed. */
 	if ( !! window.wp.receiveEmbedMessage ) {
 		return;
 	}
 	/**
 	 * @param {MessageEvent} e
 	 */
 	window.wp.receiveEmbedMessage = function( e ) {
 		var data = e.data;
-		if ( ! data ) {
+		/* Verify shape of message. */
-			return;
+		if (
-		}
+			! ( data || data.secret || data.message || data.value ) ||
+			/[^a-zA-Z0-9]/.test( data.secret )
-		if ( ! ( data.secret || data.message || data.value ) ) {
+		) {
-			return;
-		}
-		if ( /[^a-zA-Z0-9]/.test( data.secret ) ) {
 			return;
 		}
 		var iframes = document.querySelectorAll( 'iframe[data-secret="' + data.secret + '"]' ),
 			blockquotes = document.querySelectorAll( 'blockquote[data-secret="' + data.secret + '"]' ),
+			allowedProtocols = new RegExp( '^https?:$', 'i' ),
 			i, source, height, sourceURL, targetURL;
 		for ( i = 0; i < blockquotes.length; i++ ) {
 			blockquotes[ i ].style.display = 'none';
 		}
 				continue;
 			}
 			source.removeAttribute( 'style' );
-			/* Resize the iframe on request. */
 			if ( 'height' === data.message ) {
+				/* Resize the iframe on request. */
 				height = parseInt( data.value, 10 );
 				if ( height > 1000 ) {
 					height = 1000;
 				} else if ( ~~height < 200 ) {
 					height = 200;
 				}
 				source.height = height;
-			}
+			} else if ( 'link' === data.message ) {
+				/* Link to a specific URL on request. */
+				sourceURL = new URL( source.getAttribute( 'src' ) );
+				targetURL = new URL( data.value );
-			/* Link to a specific URL on request. */
+				if (
-			if ( 'link' === data.message ) {
+					allowedProtocols.test( targetURL.protocol ) &&
-				sourceURL = document.createElement( 'a' );
+					targetURL.host === sourceURL.host &&
-				targetURL = document.createElement( 'a' );
+					document.activeElement === source
+				) {
-				sourceURL.href = source.getAttribute( 'src' );
+					window.top.location.href = data.value;
-				targetURL.href = data.value;
-				/* Only continue if link hostname matches iframe's hostname. */
-				if ( targetURL.host === sourceURL.host ) {
-					if ( document.activeElement === source ) {
-						window.top.location.href = data.value;
-					}
 				}
 			}
 		}
 	};
 	function onLoad() {
-		if ( loaded ) {
+		var iframes = document.querySelectorAll( 'iframe.wp-embedded-content' ),
-			return;
+			i, source, secret;
-		}
-		loaded = true;
-		var isIE10 = -1 !== navigator.appVersion.indexOf( 'MSIE 10' ),
-			isIE11 = !!navigator.userAgent.match( /Trident.*rv:11\./ ),
-			iframes = document.querySelectorAll( 'iframe.wp-embedded-content' ),
-			iframeClone, i, source, secret;
 		for ( i = 0; i < iframes.length; i++ ) {
 			/** @var {IframeElement} */
 			source = iframes[ i ];
 			secret = source.getAttribute( 'data-secret' );
 			if ( ! secret ) {
 				/* Add secret to iframe */
-				secret = Math.random().toString( 36 ).substr( 2, 10 );
+				secret = Math.random().toString( 36 ).substring( 2, 12 );
 				source.src += '#?secret=' + secret;
 				source.setAttribute( 'data-secret', secret );
-			}
-			/* Remove security attribute from iframes in IE10 and IE11. */
-			if ( ( isIE10 || isIE11 ) ) {
-				iframeClone = source.cloneNode( true );
-				iframeClone.removeAttribute( 'security' );
-				source.parentNode.replaceChild( iframeClone, source );
 			}
 			/*
 			 * Let post embed window know that the parent is ready for receiving the height message, in case the iframe
 			 * loaded before wp-embed.js was loaded. When the ready message is received by the post embed window, the
 				secret: secret
 			}, '*' );
 		}
 	}
-	if ( supportedBrowser ) {
+	window.addEventListener( 'message', window.wp.receiveEmbedMessage, false );
-		window.addEventListener( 'message', window.wp.receiveEmbedMessage, false );
+	document.addEventListener( 'DOMContentLoaded', onLoad, false );
-		document.addEventListener( 'DOMContentLoaded', onLoad, false );
-		window.addEventListener( 'load', onLoad, false );
-	}
 })( window, document );

enmi-conf.org