Goyslop/4chan-x
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

gist embedding: replace purplegene with sandboxed iframe with data: URI which will work on HTTPS

Browse Source
This commit is contained in:
ccd0 2014-08-09 09:08:45 -07:00
parent 54687be452
commit 7d7c6712f9
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/Linkification/Linkify.coffee
View File

@ -238,9 +238,11 @@ Linkify =
key: 'gist' key: 'gist'
regExp: /.*(?:gist.github.com.*\/)([^\/][^\/]*)$/ regExp: /.*(?:gist.github.com.*\/)([^\/][^\/]*)$/
el: (a) -> el: (a) ->
$.el 'iframe', el = $.el 'iframe'
# Github doesn't allow embedding straight from the site, so we use an external site to bypass that. el.setAttribute 'sandbox', 'allow-scripts'
src: "http://www.purplegene.com/script?url=https://gist.github.com/#{a.dataset.uid}.js" content = <%= html('<html><head><title>${a.dataset.uid}</title></head><body><script src="https://gist.github.com/${a.dataset.uid}.js"></script></body></html>') %>
el.src = "data:text/html;charset=utf-8,<!doctype html>#{encodeURIComponent content.innerHTML}"
el
title: title:
api: (uid) -> "https://api.github.com/gists/#{uid}" api: (uid) -> "https://api.github.com/gists/#{uid}"
text: ({files}) -> text: ({files}) ->