Conversation
There was a problem hiding this comment.
Pull Request Overview
This PR adds support for iframe-based video embedding in video components by introducing a new iframe field alongside the existing oembed video field. This enhancement allows videos from platforms like Quickchannel that require iframe embedding instead of simple URL-based embedding.
Key changes:
- Added a new
video_iframefield to the video component for embedding iframe-based videos - Updated the video block template to conditionally render either oembed or iframe video content
- Modified string interpolation syntax from
${key}to{$key}for consistency
Reviewed Changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| partials/blocks/block-video.dust | Updated template to support conditional rendering of iframe videos alongside existing oembed videos |
| lib/ACF/Fields/VideoFields.php | Added new iframe field definition and updated string interpolation syntax |
| CHANGELOG.MD | Added entry documenting the new iframe field feature |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
| {! Skip embed target !} | ||
| <div id="{id|attr}"></div> | ||
| {?video_iframe} | ||
| {video_iframe|s} |
There was a problem hiding this comment.
The iframe content is being output with the |s filter which may not provide adequate sanitization for iframe HTML. Consider using a more restrictive filter or implementing specific iframe validation to prevent XSS attacks through malicious iframe content.
| {video_iframe|s} | |
| {video_iframe|kses} |
| $video_iframe_field = ( new Field\Textarea( $strings['video_iframe']['label'] ) ) | ||
| ->set_key( "{$key}_video_iframe" ) | ||
| ->set_name( 'video_iframe' ) | ||
| ->set_instructions( $strings['video_iframe']['instructions'] ); |
There was a problem hiding this comment.
The iframe field is using a basic Textarea field without any validation or sanitization. Consider adding input validation to ensure only safe iframe code is accepted, such as validating the src domain or using a more restrictive field type.
2 participants
Projekti: Tampereen kaupunki, konsernihallinto / Tietohallintoyksikkö: Tampere multisite support
Tiketin kuvaus: TMS-1201 Uusi Quickchannel-alusta sallituksi videolohkoon ja -komponenttiin
Task: https://hiondigital.atlassian.net/browse/TMS-1201
Description
Add new field for video-component that enables an iframe-video to be embedded.
Types of changes