Closed
Bug 436572
Opened 16 years ago
Closed 15 years ago
Planet stripping embedded videos and other items from republished posts
Categories
(Websites :: planet.mozilla.org, defect)
Websites
planet.mozilla.org
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: deb, Assigned: asa)
References
Details
I wrote a post today that included an embedded YouTube video that planet.mo stripped out before republishing. Previously, I've had it strip digg buttons out of my posts. It would be great if it would stop doing that :)
Assignee | ||
Comment 1•16 years ago
|
||
Ideally we'd do the right thing here for both the html and the feeds, making the video an embed in the html and an enclosure in the feeds.
Comment 2•16 years ago
|
||
Up to you: acceptable_elements and acceptable_attributes in class _HTMLSanitizer in feedparser.py. Just be sure you understand why you feel that the dire warnings in http://www.feedparser.org/docs/html-sanitization.html don't apply to you (oh, and don't expect that including it in pmo's feed will mean that consumers of that feed will see it, since lots of readers use the same or a similar whitelist).
Comment 3•16 years ago
|
||
Based on comment #2, I recommend WONTFIX. We've had blogs hacked before.
Comment 4•16 years ago
|
||
(In reply to comment #3) > Based on comment #2, I recommend WONTFIX. We've had blogs hacked before. > I'm inclined to second that. Best bet would be to suggest visiting the permalink, as that's what most blogs do. If anything is enabled, perhaps we should whitelist <object/> and <embed/> only for certain url's. YouTube, Google Video, and several of the more popular video providers. That would cover most cases of use.
Comment 5•15 years ago
|
||
Just use <video>. It works fine on planet.
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•