Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Block API: Allow block transforms to handle iframes for non-admin users. #19086

Closed
wants to merge 3 commits into from
Closed

Block API: Allow block transforms to handle iframes for non-admin users. #19086

wants to merge 3 commits into from

Conversation

pento
Copy link
Member

@pento pento commented Dec 12, 2019

Description

Fixes #18389.

In the event that a block has a raw transform which turns an iframe into a block, it isn't able to do so for non-admin users, since the iframe is stripped from the content before htmlToBlocks() is run in pasteHandler().

This PR allows htmlToBlocks() to run before stripping any iframes that weren't handled by block transforms.

How has this been tested?

Testing in conjunction with #19084 and Automattic/jetpack#13999, Google Calendar iframes are transformed into Google Calendar blocks.

Alternatively, this can be tested with the routine described in #18389.

Checklist:

  • My code is tested.
  • My code follows the WordPress code style.
  • My code follows the accessibility standards.
  • My code has proper inline documentation.
  • I've included developer documentation if appropriate.
  • I've updated all React Native files affected by any refactorings/renamings in this PR.

@pento pento added [Type] Bug An existing feature does not function as intended [Feature] Paste labels Dec 12, 2019
@pento pento self-assigned this Dec 12, 2019
@ellatrix
Copy link
Member

Could some sort of test be added?

@pento
Copy link
Member Author

pento commented Dec 13, 2019

Added a new test, stripped down the number of filters that are re-run over the pasted content.

ellatrix
ellatrix reviewed Dec 21, 2019
View reviewed changes
test/integration/blocks-raw-handling.test.js
@@ -57,6 +56,28 @@ describe( 'Blocks raw handling', () => {
},
save: () => null,
} );

registerBlockType( 'test/iframe-handler', {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see that it's been done previously, but why are we adding this block type for every test? Shouldn't we isolate it to the test?

ellatrix
ellatrix reviewed Dec 21, 2019
View reviewed changes
packages/blocks/src/api/raw-handling/paste-handler.js
}

pieceBlock.attributes.content = deepFilterHTML( pieceBlock.attributes.content, iframeFilters, blockContentSchema );
pieceBlock.attributes.content = removeInvalidHTML( pieceBlock.attributes.content, schema );
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this pathway tested? The tests seem to pass even with the code removed.

@ellatrix
Copy link
Member

@pento This PR makes me wonder if removing the iframe on paste is actually the right behaviour. Wouldn't it be simpler to let the iframe be pasted, regardless if you can post them or not? The paste handler should ideally not be dependent on any user capabilities. If a user cannot use iframes in a post, they should be removed on publish or on rendering the post, which already happens? After all, they could still paste the iframes in HTML mode. How about just removing the filter?

@pento pento force-pushed the fix/18389-pasting-iframes branch from f46a9d5 to fe45a15 Compare January 7, 2020 04:06
@pento
Copy link
Member Author

pento commented Jan 7, 2020

Thanks for the review, @ellatrix.

This PR makes me wonder if removing the iframe on paste is actually the right behaviour. Wouldn't it be simpler to let the iframe be pasted, regardless if you can post them or not?

I have no strong feelings either way: I understand why it exists, as if you paste an iframe as an Author, there's no indication that it'll be removed until you either preview/publish, or reload the block editor. But, you're right that the code would be simpler without this check.

After all, they could still paste the iframes in HTML mode.

I'm not so concerned about this, since HTML mode has always been a "warranty is neither expressed nor implied" scenario.

@glendaviesnz glendaviesnz mentioned this pull request Feb 14, 2020
Closed
2 tasks
@ellatrix
Copy link
Member

I've been thinking a bit more about this...

  • We're talking about changing the behaviour on (external) paste, which is probably a scenario where we should be careful with iframes.
  • The current way of handling iframe is not super useful. It's cool that it works when you have unfiltered HTML capabilities, in which case it will be put in the "advanced" HTML block. In other words, pasting iframes only works for some people, it wouldn't be a proper block, and pasting iframes generally from outside Gutenberg is a bit questionable.

I therefore propose to always convert iframes to a plain URL from its source attribute.

  • Blocks can add transforms matching this URL, just like the embed block does.
  • Paste no longer has to depend on user capabilities.

I'll follow up with a new PR.

@ellatrix ellatrix mentioned this pull request Mar 18, 2020
Merged
6 tasks
@ellatrix
Copy link
Member

Fixed by #20983.

@ellatrix ellatrix closed this Mar 19, 2020
@ellatrix ellatrix deleted the fix/18389-pasting-iframes branch March 19, 2020 09:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ellatrix ellatrix ellatrix left review comments

@youknowriad youknowriad Awaiting requested review from youknowriad

Assignees

@pento pento

Labels
[Feature] Paste [Type] Bug An existing feature does not function as intended
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Block API: pasteHandler() removes iframes too early.
2 participants
@pento @ellatrix