twitter埋め込みのsandbox属性にallow-popups-to-escape-sandboxを追加 (#12400)
Co-authored-by: unarist <m.unarist@gmail.com>
This commit is contained in:
parent
18bdec9641
commit
c6ed06d783
|
@ -31,7 +31,7 @@ SPDX-License-Identifier: AGPL-3.0-only
|
||||||
<iframe
|
<iframe
|
||||||
ref="tweet"
|
ref="tweet"
|
||||||
allow="fullscreen;web-share"
|
allow="fullscreen;web-share"
|
||||||
sandbox="allow-popups allow-scripts allow-same-origin"
|
sandbox="allow-popups allow-popups-to-escape-sandbox allow-scripts allow-same-origin"
|
||||||
scrolling="no"
|
scrolling="no"
|
||||||
:style="{ position: 'relative', width: '100%', height: `${tweetHeight}px`, border: 0 }"
|
:style="{ position: 'relative', width: '100%', height: `${tweetHeight}px`, border: 0 }"
|
||||||
:src="`https://platform.twitter.com/embed/index.html?embedId=${embedId}&hideCard=false&hideThread=false&lang=en&theme=${defaultStore.state.darkMode ? 'dark' : 'light'}&id=${tweetId}`"
|
:src="`https://platform.twitter.com/embed/index.html?embedId=${embedId}&hideCard=false&hideThread=false&lang=en&theme=${defaultStore.state.darkMode ? 'dark' : 'light'}&id=${tweetId}`"
|
||||||
|
|
|
@ -150,7 +150,7 @@ describe('MkUrlPreview', () => {
|
||||||
});
|
});
|
||||||
assert.exists(iframe, 'iframe should exist');
|
assert.exists(iframe, 'iframe should exist');
|
||||||
assert.strictEqual(iframe?.getAttribute('allow'), 'fullscreen;web-share');
|
assert.strictEqual(iframe?.getAttribute('allow'), 'fullscreen;web-share');
|
||||||
assert.strictEqual(iframe?.getAttribute('sandbox'), 'allow-popups allow-scripts allow-same-origin');
|
assert.strictEqual(iframe?.getAttribute('sandbox'), 'allow-popups allow-popups-to-escape-sandbox allow-scripts allow-same-origin');
|
||||||
});
|
});
|
||||||
|
|
||||||
test('Loading a post in iframe', async () => {
|
test('Loading a post in iframe', async () => {
|
||||||
|
@ -159,6 +159,6 @@ describe('MkUrlPreview', () => {
|
||||||
});
|
});
|
||||||
assert.exists(iframe, 'iframe should exist');
|
assert.exists(iframe, 'iframe should exist');
|
||||||
assert.strictEqual(iframe?.getAttribute('allow'), 'fullscreen;web-share');
|
assert.strictEqual(iframe?.getAttribute('allow'), 'fullscreen;web-share');
|
||||||
assert.strictEqual(iframe?.getAttribute('sandbox'), 'allow-popups allow-scripts allow-same-origin');
|
assert.strictEqual(iframe?.getAttribute('sandbox'), 'allow-popups allow-popups-to-escape-sandbox allow-scripts allow-same-origin');
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
Loading…
Reference in a new issue