miteruzo/btrc-hub
1
0
Fork 0
Code Issues 69 Pull Requests 1 Releases Wiki Activity

PostEmbed の安全性強化(#130) (#263)

Browse Source 
#130

#130

#130

Co-authored-by: miteruzo <miteruzo@naver.com>
Reviewed-on: #263
This commit was merged in pull request #263.
This commit is contained in:
みてるぞ
2026-02-13 12:39:51 +09:00
parent 16bfc6eba2
commit a01c63d972
1 changed files with 23 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
frontend/src/components/PostEmbed.tsx
+22 -4
View File
@@ -18,17 +18,35 @@ export default (({ post }: Props) => {
{ {
case 'nicovideo.jp': case 'nicovideo.jp':
{ {
const [videoId] = url.pathname.match (/(?<=\/watch\/)[a-zA-Z0-9]+?(?=\/|$)/)! const mVideoId = url.pathname.match (/(?<=\/watch\/)[a-zA-Z0-9]+?(?=\/|$)/)
if (!(mVideoId))
break
const [videoId] = mVideoId
return <NicoViewer id={videoId} width={640} height={360}/> return <NicoViewer id={videoId} width={640} height={360}/>
} }
case 'twitter.com': case 'twitter.com':
case 'x.com': case 'x.com':
const [userId] = url.pathname.match (/(?<=\/)[^\/]+?(?=\/|$|\?)/)! {
const [statusId] = url.pathname.match (/(?<=\/status\/)\d+?(?=\/|$|\?)/)! const mUserId = url.pathname.match (/(?<=\/)[^\/]+?(?=\/|$|\?)/)
const mStatusId = url.pathname.match (/(?<=\/status\/)\d+?(?=\/|$|\?)/)
if (!(mUserId) || !(mStatusId))
break
const [userId] = mUserId
const [statusId] = mStatusId
return <TwitterEmbed userId={userId} statusId={statusId}/> return <TwitterEmbed userId={userId} statusId={statusId}/>
}
case 'youtube.com': case 'youtube.com':
{ {
const videoId = url.searchParams.get ('v')! const videoId = url.searchParams.get ('v')
if (!(videoId))
break
return ( return (
<YoutubeEmbed videoId={videoId} opts={{ playerVars: { <YoutubeEmbed videoId={videoId} opts={{ playerVars: {
playsinline: 1, playsinline: 1,