Player: allow styles on CSP, loop videos

2019-02-19 18:56:57 +01:00 · 2019-02-19 18:56:57 +01:00 · f4bfc628ca
commit f4bfc628ca
parent aa9af1d639
4 changed files with 9 additions and 9 deletions
--- a/lib/pleroma/web/metadata/player_view.ex
+++ b/lib/pleroma/web/metadata/player_view.ex
@ -3,10 +3,10 @@ defmodule Pleroma.Web.Metadata.PlayerView do
  import Phoenix.HTML.Tag, only: [content_tag: 3, tag: 2]

  def render("player.html", %{"mediaType" => type, "href" => href}) do
-    tag_type =
+    {tag_type, tag_attrs} =
      case type do
-        "audio" <> _ -> :audio
-        "video" <> _ -> :video
+        "audio" <> _ -> {:audio, []}
+        "video" <> _ -> {:video, [loop: true]}
      end

    content_tag(
@ -15,7 +15,7 @@ def render("player.html", %{"mediaType" => type, "href" => href}) do
        tag(:source, src: href, type: type),
        "Your browser does not support #{type} playback."
      ],
-      controls: true
+      [controls: true] ++ tag_attrs
    )
  end
 end
--- a/lib/pleroma/web/metadata/twitter_card.ex
+++ b/lib/pleroma/web/metadata/twitter_card.ex
@ -104,8 +104,8 @@ defp build_attachments(id, z = %{data: %{"attachment" => attachments}}) do
              [
                {:meta, [property: "twitter:card", content: "player"], []},
                {:meta, [property: "twitter:player", content: player_url(id)], []},
-                {:meta, [property: "twitter:player:width", content: "1280"], []},
-                {:meta, [property: "twitter:player:height", content: "720"], []}
+                {:meta, [property: "twitter:player:width", content: "480"], []},
+                {:meta, [property: "twitter:player:height", content: "480"], []}
                | acc
              ]

--- a/lib/pleroma/web/ostatus/ostatus_controller.ex
+++ b/lib/pleroma/web/ostatus/ostatus_controller.ex
@ -197,7 +197,7 @@ def notice_player(conn, %{"id" => id}) do
      |> put_resp_header("x-frame-options", "ALLOW")
      |> put_resp_header(
        "content-security-policy",
-        "default-src 'none'; img-src 'self' data: https:; media-src 'self' https:;"
+        "default-src 'none';style-src 'self' 'unsafe-inline';img-src 'self' data: https:; media-src 'self' https:;"
      )
      |> put_view(Pleroma.Web.Metadata.PlayerView)
      |> render("player.html", url)
--- a/lib/pleroma/web/templates/layout/metadata_player.html.eex
+++ b/lib/pleroma/web/templates/layout/metadata_player.html.eex
@ -3,10 +3,10 @@
 <body>

 <style type="text/css">
-video {
+video, audio {
   width:100%;
   max-width:600px;
-   height:auto;
+   height: auto;
 }
 </style>