Hello, Recently, the WP editor started to remove iframes from the post code when saving, so I'm unable to embed an airmo video. This has been working correctly since we have been using it for all our weekly meeting calls posts. This is the code: <iframe src="https://air.mozilla.org/reps-weekly-20150409/video/" width="640" height="380" frameborder="0" allowfullscreen="allowfullscreen"></iframe> Here it's the draft where I'm trying to add it, it's removed on save: https://blog.mozilla.org/mozillareps/wp-admin/post.php?post=332&action=edit Here you can see other post where the iframe code is working: https://blog.mozilla.org/mozillareps/2015/03/27/reps-weekly-call-march-26th-2015/
I believe this may have been impacted by our wordpress upgrade & migration. From how I read it, its the default WordPress stripping that occurs on a Multisite Installation for all users but the Admin. Typical solutions suggested online are to install a 2 year old plugin or modify some php. Let me talk with the team and find out if there is a suggest workaround we can use.
Ryan, Any movement here?
Unfortunately not. From what I can tell, this just isn't possible via current methods due to the way multi-site's work without taking a risk on old code. Any opinion Craig?
The iframe element is stripped for non-admin users for very practical security reasons. There's not really anything we can do on the hosting end to allow iframes. However, we do have some other options... There are various iframe plugins that circumvent the HTML filtering by defining an equivalent shortcode, e.g. [iframe src="foo"][/iframe] (this is also fairly simple to do without a plugin, just takes a little bit of code in the theme). The downside of this approach is there are no restrictions on which URLs can be framed so it potentially opens us up to all the risks that stripping the tag is supposed to protect us from in the first place. A better option would be to add air.mozilla.org to the list of allowed providers for WordPress' built-in oEmbed API (see http://codex.wordpress.org/Function_Reference/wp_oembed_add_provider), allowing you to embed airmo videos the same way you can embed youtube videos. I might need to work with the airmo devs to make this work but I think it should be doable. Sorry this has gone neglected for so long. I'll try to make some time to work on it soon. Also moving this bug to another component, since it's not really a webops issue at this point.
Craig, where are we with this bug? Is this still happening. It's over 400 days old, so if not, I would be inclined to close it. Thanks
Thanks for the ping. It is still the case that iframes are stripped and we haven't established another means of adding arbitrary iframes, nor have we added airmo to the list oEmbed providers. In other words I've done nothing since my previous comment seven months ago, there's been no other changes, and nobody else has complained. I'd still like to make airmo videos embeddable so I'm happy to keep this bug open rather than wontfix-ing it, but it's not an urgent priority. I may be able to work on this soon now that I've been reminded.
Bulk move to Websites::blogs component, per bug 1353528
Closing this out 3 years later. Please file another bug if needed, thanks!
Hi, This request is still valid, we still want to have airmo videos embedded. Thanks.
(In reply to Joey Krejci [:joeyk] from comment #8) > Closing this out 3 years later. Please file another bug if needed, thanks! Joey - will you reach out to Andy Kochendorfer to see what might be possible with the upcoming INXPO solution?
Hey Sean, After reaching out to Andy I dont think INXPO is the right solution. Not sure what is, so for now we will backlog this bug to explore at another time. Hello Joey! Reading over the bug; I am not sure that the INXPO content management system will allow embedding of videos into a frame. The content management system (library) uses SAML (Auth0) to authentic all viewers so we can restrict non-public content, so even if feasible, viewers would get the Auth0 pop-up requesting them to login with Google, GitHub, or an email address (which I don't think is the experience that you are looking for?). This is a sample direct link to on demand content within the INXPO portal (I am still building it out - we just got the contract approved): https://onlinexperiences.com/Launch/Event.htm?ShowKey=44908&DisplayItem=E230878 This is the top level of the library: https://onlinexperiences.com/scripts/Server.nxp?LASCmd=L:0&AI=1&InitialDisplay=1&ClientBrowser=0&ShowKey=44908