IFrameUrlHelper.php

Same filename and directory in other branches
  1. 8.9.x core/modules/media/src/IFrameUrlHelper.php
  2. 10 core/modules/media/src/IFrameUrlHelper.php
  3. 11.x core/modules/media/src/IFrameUrlHelper.php

Namespace

Drupal\media

File

core/modules/media/src/IFrameUrlHelper.php

View source 
<?php

namespace Drupal\media;

use Drupal\Component\Utility\Crypt;
use Drupal\Core\PrivateKey;
use Drupal\Core\Routing\RequestContext;
use Drupal\Core\Site\Settings;

/**
 * Providers helper functions for displaying oEmbed resources in an iFrame.
 *
 * @internal
 *   This is an internal part of the oEmbed system and should only be used by
 *   oEmbed-related code in Drupal core.
 */
class IFrameUrlHelper {
    
    /**
     * The request context service.
     *
     * @var \Drupal\Core\Routing\RequestContext
     */
    protected $requestContext;
    
    /**
     * The private key service.
     *
     * @var \Drupal\Core\PrivateKey
     */
    protected $privateKey;
    
    /**
     * IFrameUrlHelper constructor.
     *
     * @param \Drupal\Core\Routing\RequestContext $request_context
     *   The request context service.
     * @param \Drupal\Core\PrivateKey $private_key
     *   The private key service.
     */
    public function __construct(RequestContext $request_context, PrivateKey $private_key) {
        $this->requestContext = $request_context;
        $this->privateKey = $private_key;
    }
    
    /**
     * Hashes an oEmbed resource URL.
     *
     * @param string $url
     *   The resource URL.
     * @param int $max_width
     *   (optional) The maximum width of the resource.
     * @param int $max_height
     *   (optional) The maximum height of the resource.
     *
     * @return string
     *   The hashed URL.
     */
    public function getHash($url, $max_width = NULL, $max_height = NULL) {
        return Crypt::hmacBase64("{$url}:{$max_width}:{$max_height}", $this->privateKey
            ->get() . Settings::getHashSalt());
    }
    
    /**
     * Checks if an oEmbed URL can be securely displayed in an frame.
     *
     * @param string $url
     *   The URL to check.
     *
     * @return bool
     *   TRUE if the URL is considered secure, otherwise FALSE.
     */
    public function isSecure($url) {
        if (!$url) {
            return FALSE;
        }
        $url_host = parse_url($url, PHP_URL_HOST);
        $system_host = parse_url($this->requestContext
            ->getCompleteBaseUrl(), PHP_URL_HOST);
        // The URL is secure if its domain is not the same as the domain of the base
        // URL of the current request.
        return $url_host && $system_host && $url_host !== $system_host;
    }

}

Classes

Title Deprecated Summary
IFrameUrlHelper Providers helper functions for displaying oEmbed resources in an iFrame.

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.