提问人:mstdmstd 提问时间:8/3/2023 更新时间:8/7/2023 访问量:79
为什么带有 mews/purifier 的 youtube 链接不支持元素“iframe”?
Why Element 'iframe' is not supported for youtube links with mews/purifier?
问:
在带有马厩/净化器的 laravel 8 应用程序中:3.4, 我需要显示 youtube 视频(使用 <iframe 定义......
由于 youtube iframe 块被 \Purifier::clean( 方法清除,我发现分支 Laravel Package Purifer 不适用于 iframe
并尝试修改我的配置/净化器 .php 文件,例如:
'settings' => [
'default' => [
'HTML.Doctype' => 'HTML 4.01 Transitional',
// I added this iframe rule
'HTML.Allowed' => 'iframe[src|width|height|class|frameborder],h1,h2,h3,div,blockquote,table,tbody,tr,td,figure,b,strong,i,em,u,a[href|title],ul,ol,li,p[style],br,span[style],img[width|height|alt|src]',
'CSS.AllowedProperties' => 'font,font-size,font-weight,font-style,font-family,text-decoration,padding-left,color,background-color,text-align',
'AutoFormat.AutoParagraph' => false,
'AutoFormat.RemoveEmpty' => true,
],
'test' => [
'Attr.EnableID' => 'true',
],
'youtube' => [
"HTML.SafeIframe" => 'true',
"Filter.YouTube" => 'true',
// I suppose this rule means all iframes are allowed
"URI.SafeIframeRegexp" => '%.+%',
],
但是我遇到了错误:
Element 'iframe' is not supported (for information on implementing this, see the support forums)
(View: /mnt/_work_sdb8/wwwroot/lar/HRBrazy/affiliate/resources/views/news/show.blade.php)
如何解决这个问题?
答:
1赞
pinkgothic
8/5/2023
#1
该配置看起来适合 HTML Purifier。此脚本执行应有的操作:
// requiring HTMLPurifier.auto.php up here somewhere, no other code up here but that.
$dirtyHtml = '
<iframe width="560" height="315" src="https://www.youtube.com/embed/ydYDqZQpim8" title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" allowfullscreen></iframe>
';
$knobs = [
'AutoFormat.AutoParagraph' => false,
'AutoFormat.RemoveEmpty' => true,
'CSS.AllowedProperties' => 'font,font-size,font-weight,font-style,font-family,text-decoration,padding-left,color,background-color,text-align',
'Filter.YouTube' => 'true',
'HTML.Allowed' => 'iframe[src|width|height|class|frameborder],h1,h2,h3,div,blockquote,table,tbody,tr,td,figure,b,strong,i,em,u,a[href|title],ul,ol,li,p[style],br,span[style],img[width|height|alt|src]',
'HTML.Doctype' => 'HTML 4.01 Transitional',
'HTML.SafeIframe' => 'true',
'URI.SafeIframeRegexp' => '%.+%',
];
$config = HTMLPurifier_Config::createDefault();
foreach ($knobs as $setting => $value) {
$config->set($setting, $value);
}
$purifier = new HTMLPurifier($config);
$cleanHtml = $purifier->purify($dirtyHtml);
echo $cleanHtml . PHP_EOL;
这给了我:
<iframe width="560" height="315" src="https://www.youtube.com/embed/ydYDqZQpim8" frameborder="0"></iframe>
但是,如果我注释掉您的配置块中的行,如下所示:'youtube'
// ...
$knobs = [
'AutoFormat.AutoParagraph' => false,
'AutoFormat.RemoveEmpty' => true,
'CSS.AllowedProperties' => 'font,font-size,font-weight,font-style,font-family,text-decoration,padding-left,color,background-color,text-align',
// 'Filter.YouTube' => 'true',
'HTML.Allowed' => 'iframe[src|width|height|class|frameborder],h1,h2,h3,div,blockquote,table,tbody,tr,td,figure,b,strong,i,em,u,a[href|title],ul,ol,li,p[style],br,span[style],img[width|height|alt|src]',
'HTML.Doctype' => 'HTML 4.01 Transitional',
// 'HTML.SafeIframe' => 'true',
// 'URI.SafeIframeRegexp' => '%.+%',
];
// ...
...然后我得到你的错误:
PHP Warning: Element 'iframe' is not supported (for information on implementing this, see the support forums) in /<...>/HTMLDefinition.php on line 311
PHP Stack trace:
<...>
不幸的是,我对这里的 Laravel 集成一无所知,以及您如何选择哪个配置处于活动状态,但如果您确保 和 块实际上被组合和使用,这应该可以解决您的问题。'youtube''default'
评论
0赞
mstdmstd
8/6/2023
我试图遵循您的建议,并将所有项目从“默认”组下的“youtube”中移出,清除后一切正常。你能不能更详细地解释一下,并在你的回复中编辑一下——我会接受的......
0赞
pinkgothic
8/8/2023
你应该接受 MD Golam Rakib 的回答,因为这实际上解决了你的问题。:)我将把我的答案留在这里,因为关于我如何调试你的问题的 HTML Purifier 方面的信息可能对偶然发现这个问题的人有用。
2赞
MD Golam Rakib
8/7/2023
#2
最后只需添加“youtube”作为配置,它在 laravel 10 中对我有用:
clean($request->body, 'youtube');
评论