aboutsummaryrefslogtreecommitdiffhomepage
path: root/src/Wallabag/CoreBundle/Helper
diff options
context:
space:
mode:
authorJeremy Benoist <jeremy.benoist@gmail.com>2017-05-11 08:14:29 +0200
committerJeremy Benoist <jeremy.benoist@gmail.com>2017-05-31 13:59:45 +0200
commite668a8124c46d47add4248963d77f3b29b37b3ce (patch)
treeb9b56d19b06fe268d025c3591119470162efc99a /src/Wallabag/CoreBundle/Helper
parent4423b88c5b2c2d530b0a83a822f521a61ca4d4b8 (diff)
downloadwallabag-e668a8124c46d47add4248963d77f3b29b37b3ce.tar.gz
wallabag-e668a8124c46d47add4248963d77f3b29b37b3ce.tar.zst
wallabag-e668a8124c46d47add4248963d77f3b29b37b3ce.zip
Allow other fields to be send using API
Entry API can now have these new fields: - content - language - preview_picture - published_at Re-use the ContentProxy to be able to do the same using the web UI (in the future). htmLawed is used to clean stuff from content, I hope it’ll be enough to avoid security breach. Lower content validation when we want to update an entry with content already defined. Before, language & content_type were required. If there weren’t provided, we re-fetched the content using graby. I think these fields aren’t required for an entry to be created. So I removed them. Which means some import from the v1 export won’t be re-fetched since they provide content, url & title. Also, remove liberation link from Readability import to avoid overlaping import (from wallabag v1, which had the same link)
Diffstat (limited to 'src/Wallabag/CoreBundle/Helper')
-rw-r--r--src/Wallabag/CoreBundle/Helper/ContentProxy.php30
1 files changed, 23 insertions, 7 deletions
diff --git a/src/Wallabag/CoreBundle/Helper/ContentProxy.php b/src/Wallabag/CoreBundle/Helper/ContentProxy.php
index 4b3e6fbb..e06ad3d6 100644
--- a/src/Wallabag/CoreBundle/Helper/ContentProxy.php
+++ b/src/Wallabag/CoreBundle/Helper/ContentProxy.php
@@ -45,6 +45,18 @@ class ContentProxy
45 */ 45 */
46 public function updateEntry(Entry $entry, $url, array $content = []) 46 public function updateEntry(Entry $entry, $url, array $content = [])
47 { 47 {
48 // ensure content is a bit cleaned up
49 if (!empty($content['html'])) {
50 $content['html'] = htmLawed($content['html'], [
51 'safe' => 1,
52 // which means: do not remove iframe elements
53 'elements' => '*+iframe',
54 'deny_attribute' => 'style',
55 'comment' => 1,
56 'cdata' => 1,
57 ]);
58 }
59
48 // do we have to fetch the content or the provided one is ok? 60 // do we have to fetch the content or the provided one is ok?
49 if (empty($content) || false === $this->validateContent($content)) { 61 if (empty($content) || false === $this->validateContent($content)) {
50 $fetchedContent = $this->graby->fetchContent($url); 62 $fetchedContent = $this->graby->fetchContent($url);
@@ -57,7 +69,7 @@ class ContentProxy
57 } 69 }
58 70
59 $title = $content['title']; 71 $title = $content['title'];
60 if (!$title && isset($content['open_graph']['og_title'])) { 72 if (!$title && !empty($content['open_graph']['og_title'])) {
61 $title = $content['open_graph']['og_title']; 73 $title = $content['open_graph']['og_title'];
62 } 74 }
63 75
@@ -65,7 +77,7 @@ class ContentProxy
65 if (false === $html) { 77 if (false === $html) {
66 $html = $this->fetchingErrorMessage; 78 $html = $this->fetchingErrorMessage;
67 79
68 if (isset($content['open_graph']['og_description'])) { 80 if (!empty($content['open_graph']['og_description'])) {
69 $html .= '<p><i>But we found a short description: </i></p>'; 81 $html .= '<p><i>But we found a short description: </i></p>';
70 $html .= $content['open_graph']['og_description']; 82 $html .= $content['open_graph']['og_description'];
71 } 83 }
@@ -76,8 +88,12 @@ class ContentProxy
76 $entry->setContent($html); 88 $entry->setContent($html);
77 $entry->setHttpStatus(isset($content['status']) ? $content['status'] : ''); 89 $entry->setHttpStatus(isset($content['status']) ? $content['status'] : '');
78 90
79 if (isset($content['date']) && null !== $content['date'] && '' !== $content['date']) { 91 if (!empty($content['date'])) {
80 $entry->setPublishedAt(new \DateTime($content['date'])); 92 try {
93 $entry->setPublishedAt(new \DateTime($content['date']));
94 } catch (\Exception $e) {
95 $this->logger->warn('Error while defining date', ['e' => $e, 'url' => $url, 'date' => $content['date']]);
96 }
81 } 97 }
82 98
83 if (!empty($content['authors'])) { 99 if (!empty($content['authors'])) {
@@ -97,12 +113,12 @@ class ContentProxy
97 $entry->setDomainName($domainName); 113 $entry->setDomainName($domainName);
98 } 114 }
99 115
100 if (isset($content['open_graph']['og_image']) && $content['open_graph']['og_image']) { 116 if (!empty($content['open_graph']['og_image'])) {
101 $entry->setPreviewPicture($content['open_graph']['og_image']); 117 $entry->setPreviewPicture($content['open_graph']['og_image']);
102 } 118 }
103 119
104 // if content is an image define as a preview too 120 // if content is an image define as a preview too
105 if (isset($content['content_type']) && in_array($this->mimeGuesser->guess($content['content_type']), ['jpeg', 'jpg', 'gif', 'png'], true)) { 121 if (!empty($content['content_type']) && in_array($this->mimeGuesser->guess($content['content_type']), ['jpeg', 'jpg', 'gif', 'png'], true)) {
106 $entry->setPreviewPicture($content['url']); 122 $entry->setPreviewPicture($content['url']);
107 } 123 }
108 124
@@ -128,6 +144,6 @@ class ContentProxy
128 */ 144 */
129 private function validateContent(array $content) 145 private function validateContent(array $content)
130 { 146 {
131 return isset($content['title']) && isset($content['html']) && isset($content['url']) && isset($content['language']) && isset($content['content_type']); 147 return !empty($content['title']) && !empty($content['html']) && !empty($content['url']);
132 } 148 }
133} 149}