Issue #3009003 by ilya.no, phenaproxima, b_sharpe, kirkkala, kekkis, alexpott,... (cf2039b9) · Commits · project / drupal

core/modules/media/media.module

+1 −0

Original line number	Diff line number	Diff line
		@@ -77,6 +77,7 @@ function media_theme() {
		],
		'media_oembed_iframe' => [
		'variables' => [
		'resource' => NULL,
		'media' => NULL,
		'placeholder_token' => '',
		],

core/modules/media/src/Controller/OEmbedIframeController.php

+1 −0

Original line number	Diff line number	Diff line
		@@ -146,6 +146,7 @@ public function render(Request $request) {
		// metadata of the rendered HTML will be captured correctly.
		$element = [
		'#theme' => 'media_oembed_iframe',
		'#resource' => $resource,
		// Even though the resource HTML is untrusted, IFrameMarkup::create()
		// will create a trusted string. The only reason this is okay is
		// because we are serving it in an iframe, which will mitigate the

core/modules/media/tests/modules/media_test_oembed/media_test_oembed.module

+9 −0

Original line number	Diff line number	Diff line
		@@ -7,6 +7,15 @@

		use Drupal\media\OEmbed\Provider;

		/**
		* Implements hook_preprocess_media_oembed_iframe().
		*/
		function media_test_oembed_preprocess_media_oembed_iframe(array &$variables) {
		if ($variables['resource']->getProvider()->getName() === 'YouTube') {
		$variables['media'] = str_replace('?feature=oembed', '?feature=oembed&pasta=rigatoni', (string) $variables['media']);
		}
		}

		/**
		* Implements hook_oembed_resource_url_alter().
		*/

core/modules/media/tests/src/Kernel/OEmbedIframeControllerTest.php

+48 −0

Original line number	Diff line number	Diff line
		@@ -2,6 +2,10 @@

		namespace Drupal\Tests\media\Kernel;

		use Drupal\media\Controller\OEmbedIframeController;
		use Drupal\media\OEmbed\Provider;
		use Drupal\media\OEmbed\Resource;
		use Prophecy\Argument;
		use Symfony\Component\HttpFoundation\Request;

		/**
		@@ -11,6 +15,11 @@
		*/
		class OEmbedIframeControllerTest extends MediaKernelTestBase {

		/**
		* {@inheritdoc}
		*/
		protected static $modules = ['media_test_oembed'];

		/**
		* Data provider for testBadHashParameter().
		*
		@@ -54,4 +63,43 @@ public function testBadHashParameter($hash) {
		$controller($request);
		}

		/**
		* Tests that resources can be used in media_oembed_iframe preprocess.
		*
		* @see media_test_oembed_preprocess_media_oembed_iframe()
		*
		* @covers ::render
		*/
		public function testResourcePassedToPreprocess() {
		$hash = $this->container->get('media.oembed.iframe_url_helper')
		->getHash('', 0, 0);

		$url_resolver = $this->prophesize('\Drupal\media\OEmbed\UrlResolverInterface');
		$resource_fetcher = $this->prophesize('\Drupal\media\OEmbed\ResourceFetcherInterface');

		$provider = new Provider('YouTube', 'https://youtube.com', [
		[
		'url' => 'https://youtube.com/foo',
		],
		]);
		$resource = Resource::rich('<iframe src="https://youtube.com/watch?feature=oembed"></iframe>', 320, 240, $provider);

		$resource_fetcher->fetchResource(Argument::cetera())->willReturn($resource);

		$this->container->set('media.oembed.url_resolver', $url_resolver->reveal());
		$this->container->set('media.oembed.resource_fetcher', $resource_fetcher->reveal());

		$request = new Request([
		'url' => '',
		'hash' => $hash,
		]);
		$content = OEmbedIframeController::create($this->container)
		->render($request)
		->getContent();

		// This query parameter is added by
		// media_test_oembed_preprocess_media_oembed_iframe() for YouTube videos.
		$this->assertStringContainsString('&pasta=rigatoni', $content);
		}

		}