[ Index ]

PHP Cross Reference of WordPress Trunk (Updated Daily)

title

Body

[close]

/wp-includes/ -> class-wp-oembed-controller.php (source)

   1  <?php
   2  /**
   3   * WP_oEmbed_Controller class, used to provide an oEmbed endpoint.
   4   *
   5   * @package WordPress
   6   * @subpackage Embeds
   7   * @since 4.4.0
   8   */
   9  
  10  /**
  11   * oEmbed API endpoint controller.
  12   *
  13   * Registers the API route and delivers the response data.
  14   * The output format (XML or JSON) is handled by the REST API.
  15   *
  16   * @since 4.4.0
  17   */
  18  final class WP_oEmbed_Controller {
  19      /**
  20       * Register the oEmbed REST API route.
  21       *
  22       * @since 4.4.0
  23       */
  24  	public function register_routes() {
  25          /**
  26           * Filters the maxwidth oEmbed parameter.
  27           *
  28           * @since 4.4.0
  29           *
  30           * @param int $maxwidth Maximum allowed width. Default 600.
  31           */
  32          $maxwidth = apply_filters( 'oembed_default_width', 600 );
  33  
  34          register_rest_route(
  35              'oembed/1.0',
  36              '/embed',
  37              array(
  38                  array(
  39                      'methods'  => WP_REST_Server::READABLE,
  40                      'callback' => array( $this, 'get_item' ),
  41                      'args'     => array(
  42                          'url'      => array(
  43                              'required'          => true,
  44                              'sanitize_callback' => 'esc_url_raw',
  45                          ),
  46                          'format'   => array(
  47                              'default'           => 'json',
  48                              'sanitize_callback' => 'wp_oembed_ensure_format',
  49                          ),
  50                          'maxwidth' => array(
  51                              'default'           => $maxwidth,
  52                              'sanitize_callback' => 'absint',
  53                          ),
  54                      ),
  55                  ),
  56              )
  57          );
  58  
  59          register_rest_route(
  60              'oembed/1.0',
  61              '/proxy',
  62              array(
  63                  array(
  64                      'methods'             => WP_REST_Server::READABLE,
  65                      'callback'            => array( $this, 'get_proxy_item' ),
  66                      'permission_callback' => array( $this, 'get_proxy_item_permissions_check' ),
  67                      'args'                => array(
  68                          'url'       => array(
  69                              'description'       => __( 'The URL of the resource for which to fetch oEmbed data.' ),
  70                              'type'              => 'string',
  71                              'required'          => true,
  72                              'sanitize_callback' => 'esc_url_raw',
  73                          ),
  74                          'format'    => array(
  75                              'description' => __( 'The oEmbed format to use.' ),
  76                              'type'        => 'string',
  77                              'default'     => 'json',
  78                              'enum'        => array(
  79                                  'json',
  80                                  'xml',
  81                              ),
  82                          ),
  83                          'maxwidth'  => array(
  84                              'description'       => __( 'The maximum width of the embed frame in pixels.' ),
  85                              'type'              => 'integer',
  86                              'default'           => $maxwidth,
  87                              'sanitize_callback' => 'absint',
  88                          ),
  89                          'maxheight' => array(
  90                              'description'       => __( 'The maximum height of the embed frame in pixels.' ),
  91                              'type'              => 'integer',
  92                              'sanitize_callback' => 'absint',
  93                          ),
  94                          'discover'  => array(
  95                              'description' => __( 'Whether to perform an oEmbed discovery request for non-whitelisted providers.' ),
  96                              'type'        => 'boolean',
  97                              'default'     => true,
  98                          ),
  99                      ),
 100                  ),
 101              )
 102          );
 103      }
 104  
 105      /**
 106       * Callback for the embed API endpoint.
 107       *
 108       * Returns the JSON object for the post.
 109       *
 110       * @since 4.4.0
 111       *
 112       * @param WP_REST_Request $request Full data about the request.
 113       * @return WP_Error|array oEmbed response data or WP_Error on failure.
 114       */
 115  	public function get_item( $request ) {
 116          $post_id = url_to_postid( $request['url'] );
 117  
 118          /**
 119           * Filters the determined post ID.
 120           *
 121           * @since 4.4.0
 122           *
 123           * @param int    $post_id The post ID.
 124           * @param string $url     The requested URL.
 125           */
 126          $post_id = apply_filters( 'oembed_request_post_id', $post_id, $request['url'] );
 127  
 128          $data = get_oembed_response_data( $post_id, $request['maxwidth'] );
 129  
 130          if ( ! $data ) {
 131              return new WP_Error( 'oembed_invalid_url', get_status_header_desc( 404 ), array( 'status' => 404 ) );
 132          }
 133  
 134          return $data;
 135      }
 136  
 137      /**
 138       * Checks if current user can make a proxy oEmbed request.
 139       *
 140       * @since 4.8.0
 141       *
 142       * @return true|WP_Error True if the request has read access, WP_Error object otherwise.
 143       */
 144  	public function get_proxy_item_permissions_check() {
 145          if ( ! current_user_can( 'edit_posts' ) ) {
 146              return new WP_Error( 'rest_forbidden', __( 'Sorry, you are not allowed to make proxied oEmbed requests.' ), array( 'status' => rest_authorization_required_code() ) );
 147          }
 148          return true;
 149      }
 150  
 151      /**
 152       * Callback for the proxy API endpoint.
 153       *
 154       * Returns the JSON object for the proxied item.
 155       *
 156       * @since 4.8.0
 157       *
 158       * @see WP_oEmbed::get_html()
 159       * @param WP_REST_Request $request Full data about the request.
 160       * @return object|WP_Error oEmbed response data or WP_Error on failure.
 161       */
 162  	public function get_proxy_item( $request ) {
 163          $args = $request->get_params();
 164  
 165          // Serve oEmbed data from cache if set.
 166          unset( $args['_wpnonce'] );
 167          $cache_key = 'oembed_' . md5( serialize( $args ) );
 168          $data      = get_transient( $cache_key );
 169          if ( ! empty( $data ) ) {
 170              return $data;
 171          }
 172  
 173          $url = $request['url'];
 174          unset( $args['url'] );
 175  
 176          // Copy maxwidth/maxheight to width/height since WP_oEmbed::fetch() uses these arg names.
 177          if ( isset( $args['maxwidth'] ) ) {
 178              $args['width'] = $args['maxwidth'];
 179          }
 180          if ( isset( $args['maxheight'] ) ) {
 181              $args['height'] = $args['maxheight'];
 182          }
 183  
 184          // Short-circuit process for URLs belonging to the current site.
 185          $data = get_oembed_response_data_for_url( $url, $args );
 186  
 187          if ( $data ) {
 188              return $data;
 189          }
 190  
 191          $data = _wp_oembed_get_object()->get_data( $url, $args );
 192  
 193          if ( false === $data ) {
 194              return new WP_Error( 'oembed_invalid_url', get_status_header_desc( 404 ), array( 'status' => 404 ) );
 195          }
 196  
 197          /** This filter is documented in wp-includes/class-wp-oembed.php */
 198          $data->html = apply_filters( 'oembed_result', _wp_oembed_get_object()->data2html( (object) $data, $url ), $url, $args );
 199  
 200          /**
 201           * Filters the oEmbed TTL value (time to live).
 202           *
 203           * Similar to the {@see 'oembed_ttl'} filter, but for the REST API
 204           * oEmbed proxy endpoint.
 205           *
 206           * @since 4.8.0
 207           *
 208           * @param int    $time    Time to live (in seconds).
 209           * @param string $url     The attempted embed URL.
 210           * @param array  $args    An array of embed request arguments.
 211           */
 212          $ttl = apply_filters( 'rest_oembed_ttl', DAY_IN_SECONDS, $url, $args );
 213  
 214          set_transient( $cache_key, $data, $ttl );
 215  
 216          return $data;
 217      }
 218  }


Generated: Tue Oct 22 08:20:01 2019 Cross-referenced by PHPXref 0.7