jekyll-embed-urls 0.4.0 → 0.4.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +12 -0
- data/README.md +13 -4
- data/lib/jekyll/embed.rb +9 -3
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a414c302d33fdb35c35e420ae07e6fc5c8f90e2fba9b4ba2e8b2961fbd94a8f4
|
4
|
+
data.tar.gz: bf0d28a49c111e48d7f02d6ddc9fc258356b0e1dc3409870bb75206549cab968
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 9df2638f34fcbcee2a9ace50686fff8e22dff2c7168ca60673634032a97cf65fdb4b1e902e517aa81e5c1ffdc95e8a5f8eb4c53e3d160f6f872615b6b94cb7e6
|
7
|
+
data.tar.gz: eb64bf3fc323c3ec0159de2314aa8165c90a79ed95a21ecf497d8ec7aa2b79f4db3cf4e11c8386f0cf8a38c698e94af2c42b32440c656b044dbf216d780468b2
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
@@ -54,10 +54,10 @@ embed:
|
|
54
54
|
- allow-scripts
|
55
55
|
- allow-popups
|
56
56
|
allow:
|
57
|
-
- fullscreen
|
58
|
-
- gyroscope
|
59
|
-
- picture-in-picture
|
60
|
-
- clipboard-write
|
57
|
+
- fullscreen;
|
58
|
+
- gyroscope;
|
59
|
+
- picture-in-picture;
|
60
|
+
- clipboard-write;
|
61
61
|
loading: 'lazy'
|
62
62
|
controls: true
|
63
63
|
rel:
|
@@ -162,6 +162,15 @@ Anti-tracking techniques implemented are:
|
|
162
162
|
If you find more useful techniques, please [open an issue
|
163
163
|
report](https://0xacab.org/sutty/jekyll/jekyll-embed-urls/-/issues).
|
164
164
|
|
165
|
+
## Feature policy
|
166
|
+
|
167
|
+
[Feature
|
168
|
+
policy](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy)
|
169
|
+
is a list of directives for allowing or denying features.
|
170
|
+
|
171
|
+
The directives are separated by semicolons. Any directive not mentioned
|
172
|
+
in the configuration is assumed to have a "none" policy by this plugin.
|
173
|
+
|
165
174
|
## Contributing
|
166
175
|
|
167
176
|
Bug reports and pull requests are welcome on 0xacab.org at
|
data/lib/jekyll/embed.rb
CHANGED
@@ -55,6 +55,10 @@ module Jekyll
|
|
55
55
|
MEDIA_ATTRIBUTES = %w[controls].freeze
|
56
56
|
A_ATTRIBUTES = %w[referrerpolicy rel target].freeze
|
57
57
|
|
58
|
+
# Directive from Feature Policy
|
59
|
+
# @see {https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy#directives}
|
60
|
+
DIRECTIVES = %w[accelerometer ambient-light-sensor autoplay battery camera display-capture document-domain encrypted-media execution-while-not-rendered execution-while-out-of-viewport fullscreen gamepad geolocation gyroscope layout-animations legacy-image-formats magnetometer microphone midi navigation-override oversized-images payment picture-in-picture publickey-credentials-get speaker-selection sync-xhr usb screen-wake-lock web-share xr-spatial-tracking].freeze
|
61
|
+
|
58
62
|
# Templates
|
59
63
|
INCLUDE_OGP = '{% include ogp.html site=site page=page %}'
|
60
64
|
INCLUDE_FALLBACK = '{% include fallback.html site=site page=page %}'
|
@@ -74,7 +78,7 @@ module Jekyll
|
|
74
78
|
'attributes' => {
|
75
79
|
'referrerpolicy' => 'strict-origin-when-cross-origin',
|
76
80
|
'sandbox' => %w[allow-scripts allow-popups],
|
77
|
-
'allow' => %w[fullscreen gyroscope picture-in-picture clipboard-write],
|
81
|
+
'allow' => %w[fullscreen; gyroscope; picture-in-picture; clipboard-write;],
|
78
82
|
'loading' => 'lazy',
|
79
83
|
'controls' => true,
|
80
84
|
'rel' => %w[noopener noreferrer],
|
@@ -144,7 +148,9 @@ module Jekyll
|
|
144
148
|
|
145
149
|
# @return [Hash]
|
146
150
|
def config
|
147
|
-
@config ||= Jekyll::Utils.deep_merge_hashes(DEFAULT_CONFIG, (site.config['embed'] || {}))
|
151
|
+
@config ||= Jekyll::Utils.deep_merge_hashes(DEFAULT_CONFIG, (site.config['embed'] || {})).tap do |c|
|
152
|
+
c['attributes']['allow'].concat (DIRECTIVES - c.dig('attributes', 'allow').join.split(';').map { |s| s.split(' ').first }).join(" 'none';|").split('|')
|
153
|
+
end
|
148
154
|
end
|
149
155
|
|
150
156
|
# Try for OEmbed
|
@@ -197,7 +203,7 @@ module Jekyll
|
|
197
203
|
'title' => text(title),
|
198
204
|
'description' => text(description),
|
199
205
|
'url' => url,
|
200
|
-
'image' => element
|
206
|
+
'image' => element&.css('img')&.first&.public_send(:[], 'src')
|
201
207
|
}
|
202
208
|
|
203
209
|
fallback_template.render! payload, context
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: jekyll-embed-urls
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.4
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- f
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-01-08 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: jekyll
|
@@ -30,14 +30,14 @@ dependencies:
|
|
30
30
|
requirements:
|
31
31
|
- - "~>"
|
32
32
|
- !ruby/object:Gem::Version
|
33
|
-
version:
|
33
|
+
version: 0.16.0
|
34
34
|
type: :runtime
|
35
35
|
prerelease: false
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
37
37
|
requirements:
|
38
38
|
- - "~>"
|
39
39
|
- !ruby/object:Gem::Version
|
40
|
-
version:
|
40
|
+
version: 0.16.0
|
41
41
|
- !ruby/object:Gem::Dependency
|
42
42
|
name: loofah
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|