Check that twitter:player is valid before using it (#9254)

Fixes #9251
lolsob-rspec
ThibG 2018-11-10 20:42:04 +01:00 committed by Eugen Rochko
parent 0562e258b3
commit 49889c0b8b
1 changed files with 5 additions and 4 deletions

View File

@ -138,12 +138,13 @@ class FetchLinkCardService < BaseService
guess = detector.detect(@html, @html_charset)
page = Nokogiri::HTML(@html, nil, guess&.fetch(:encoding, nil))
player_url = meta_property(page, 'twitter:player')
if meta_property(page, 'twitter:player')
if player_url && !bad_url?(Addressable::URI.parse(player_url))
@card.type = :video
@card.width = meta_property(page, 'twitter:player:width') || 0
@card.height = meta_property(page, 'twitter:player:height') || 0
@card.html = content_tag(:iframe, nil, src: meta_property(page, 'twitter:player'),
@card.html = content_tag(:iframe, nil, src: player_url,
width: @card.width,
height: @card.height,
allowtransparency: 'true',