aboutsummaryrefslogtreecommitdiffhomepage
path: root/server
diff options
context:
space:
mode:
Diffstat (limited to 'server')
-rw-r--r--server/middlewares/validators/oembed.ts16
-rw-r--r--server/tests/api/server/services.ts66
2 files changed, 50 insertions, 32 deletions
diff --git a/server/middlewares/validators/oembed.ts b/server/middlewares/validators/oembed.ts
index 5e47211b5..96c8adc99 100644
--- a/server/middlewares/validators/oembed.ts
+++ b/server/middlewares/validators/oembed.ts
@@ -62,12 +62,26 @@ const oembedValidator = [
62 62
63 const url = req.query.url as string 63 const url = req.query.url as string
64 64
65 let urlPath: string
66
67 try {
68 urlPath = new URL(url).pathname
69 } catch (err) {
70 return res.fail({
71 status: HttpStatusCode.BAD_REQUEST_400,
72 message: err.message,
73 data: {
74 url
75 }
76 })
77 }
78
65 const isPlaylist = startPlaylistURLs.some(u => url.startsWith(u)) 79 const isPlaylist = startPlaylistURLs.some(u => url.startsWith(u))
66 const isVideo = isPlaylist ? false : startVideoURLs.some(u => url.startsWith(u)) 80 const isVideo = isPlaylist ? false : startVideoURLs.some(u => url.startsWith(u))
67 81
68 const startIsOk = isVideo || isPlaylist 82 const startIsOk = isVideo || isPlaylist
69 83
70 const matches = watchRegex.exec(url) 84 const matches = watchRegex.exec(urlPath)
71 85
72 if (startIsOk === false || matches === null) { 86 if (startIsOk === false || matches === null) {
73 return res.fail({ 87 return res.fail({
diff --git a/server/tests/api/server/services.ts b/server/tests/api/server/services.ts
index 69d030dbb..3a87df981 100644
--- a/server/tests/api/server/services.ts
+++ b/server/tests/api/server/services.ts
@@ -52,42 +52,46 @@ describe('Test services', function () {
52 52
53 it('Should have a valid oEmbed video response', async function () { 53 it('Should have a valid oEmbed video response', async function () {
54 for (const basePath of [ '/videos/watch/', '/w/' ]) { 54 for (const basePath of [ '/videos/watch/', '/w/' ]) {
55 const oembedUrl = 'http://localhost:' + server.port + basePath + video.uuid 55 for (const suffix of [ '', '?param=1' ]) {
56 56 const oembedUrl = server.url + basePath + video.uuid + suffix
57 const res = await server.services.getOEmbed({ oembedUrl }) 57
58 const expectedHtml = '<iframe width="560" height="315" sandbox="allow-same-origin allow-scripts" ' + 58 const res = await server.services.getOEmbed({ oembedUrl })
59 `title="${video.name}" src="http://localhost:${server.port}/videos/embed/${video.uuid}" ` + 59 const expectedHtml = '<iframe width="560" height="315" sandbox="allow-same-origin allow-scripts" ' +
60 'frameborder="0" allowfullscreen></iframe>' 60 `title="${video.name}" src="http://localhost:${server.port}/videos/embed/${video.uuid}" ` +
61 const expectedThumbnailUrl = 'http://localhost:' + server.port + video.previewPath 61 'frameborder="0" allowfullscreen></iframe>'
62 62 const expectedThumbnailUrl = 'http://localhost:' + server.port + video.previewPath
63 expect(res.body.html).to.equal(expectedHtml) 63
64 expect(res.body.title).to.equal(video.name) 64 expect(res.body.html).to.equal(expectedHtml)
65 expect(res.body.author_name).to.equal(server.store.channel.displayName) 65 expect(res.body.title).to.equal(video.name)
66 expect(res.body.width).to.equal(560) 66 expect(res.body.author_name).to.equal(server.store.channel.displayName)
67 expect(res.body.height).to.equal(315) 67 expect(res.body.width).to.equal(560)
68 expect(res.body.thumbnail_url).to.equal(expectedThumbnailUrl) 68 expect(res.body.height).to.equal(315)
69 expect(res.body.thumbnail_width).to.equal(850) 69 expect(res.body.thumbnail_url).to.equal(expectedThumbnailUrl)
70 expect(res.body.thumbnail_height).to.equal(480) 70 expect(res.body.thumbnail_width).to.equal(850)
71 expect(res.body.thumbnail_height).to.equal(480)
72 }
71 } 73 }
72 }) 74 })
73 75
74 it('Should have a valid playlist oEmbed response', async function () { 76 it('Should have a valid playlist oEmbed response', async function () {
75 for (const basePath of [ '/videos/watch/playlist/', '/w/p/' ]) { 77 for (const basePath of [ '/videos/watch/playlist/', '/w/p/' ]) {
76 const oembedUrl = 'http://localhost:' + server.port + basePath + playlistUUID 78 for (const suffix of [ '', '?param=1' ]) {
77 79 const oembedUrl = server.url + basePath + playlistUUID + suffix
78 const res = await server.services.getOEmbed({ oembedUrl }) 80
79 const expectedHtml = '<iframe width="560" height="315" sandbox="allow-same-origin allow-scripts" ' + 81 const res = await server.services.getOEmbed({ oembedUrl })
80 `title="${playlistDisplayName}" src="http://localhost:${server.port}/video-playlists/embed/${playlistUUID}" ` + 82 const expectedHtml = '<iframe width="560" height="315" sandbox="allow-same-origin allow-scripts" ' +
81 'frameborder="0" allowfullscreen></iframe>' 83 `title="${playlistDisplayName}" src="http://localhost:${server.port}/video-playlists/embed/${playlistUUID}" ` +
82 84 'frameborder="0" allowfullscreen></iframe>'
83 expect(res.body.html).to.equal(expectedHtml) 85
84 expect(res.body.title).to.equal('The Life and Times of Scrooge McDuck') 86 expect(res.body.html).to.equal(expectedHtml)
85 expect(res.body.author_name).to.equal(server.store.channel.displayName) 87 expect(res.body.title).to.equal('The Life and Times of Scrooge McDuck')
86 expect(res.body.width).to.equal(560) 88 expect(res.body.author_name).to.equal(server.store.channel.displayName)
87 expect(res.body.height).to.equal(315) 89 expect(res.body.width).to.equal(560)
88 expect(res.body.thumbnail_url).exist 90 expect(res.body.height).to.equal(315)
89 expect(res.body.thumbnail_width).to.equal(280) 91 expect(res.body.thumbnail_url).exist
90 expect(res.body.thumbnail_height).to.equal(157) 92 expect(res.body.thumbnail_width).to.equal(280)
93 expect(res.body.thumbnail_height).to.equal(157)
94 }
91 } 95 }
92 }) 96 })
93 97