Plugin Directory

Changeset 823847 for s3-video


Ignore:
Timestamp:
12/17/2013 12:38:52 PM (11 years ago)
Author:
Anthony_MIlls
Message:

Fixed security issue and tested with Wordpress 3.8

Location:
s3-video/trunk
Files:
4 edited

Legend:

Unmodified
Added
Removed
  • s3-video/trunk/LICENCE

    r728249 r823847  
    11S3 Video Plugin for Wordpress
    2 Copyright (C) 2011 Anthony Mills
     2Copyright (C) 2011 - 2013 Anthony Mills
    33
    44This program is free software; you can redistribute it and/or
  • s3-video/trunk/README

    r728249 r823847  
    22Contributors: Anthony.Mills
    33Plugin URI: https://github.com/anthony-mills/S3-Video
    4 Tested up to: 3.51
     4Tested up to: 3.8
    55Tags: S3, Video, Embed, Streaming, Playlists
    66
     
    4343
    4444== Changelog ==
     45
     46= 0.983 =
     47* Fixed XSS scripting vulnerability in video preview script
    4548
    4649= 0.982 =
  • s3-video/trunk/readme.txt

    r728249 r823847  
    33Plugin URI: https://github.com/anthony-mills/S3-Video
    44Author URI: http://www.development-cycle.com
    5 Tested up to: 3.51
     5Tested up to: 3.8
    66Tags: S3, Video, Embed, Streaming, Playlists
    77
     
    5151
    5252== Changelog ==
     53
     54= 0.983 =
     55* Fixed XSS scripting vulnerability in video preview script
    5356
    5457= 0.982 =
  • s3-video/trunk/views/video-management/preview_video.php

    r728249 r823847  
     1<?php
     2$baseDir = str_replace('views/video-management', '', dirname($_SERVER['PHP_SELF']));
     3
     4?>
    15<html>
    26<head>
    37    <?php if ((empty($_GET['player'])) || ($_GET['player'] == 'flowplayer')) { ?>
    48            <?php $player = 'flowplayer'; ?>
    5             <script type="text/javascript" src="<?php echo $_GET['base']; ?>js/flowplayer-3.2.12.js"></script>
    6     <?php } else { ?>
     9            <script type="text/javascript" src="<?php echo $baseDir; ?>js/flowplayer-3.2.12.js"></script>
     10    <?php } else { ?>
    711            <?php $player = 'videojs'; ?>
    8             <link href="<?php echo $_GET['base']; ?>css/video-js.css" rel="stylesheet">
    9             <script type="text/javascript" src="<?php echo $_GET['base']; ?>js/video.min.js"></script>
     12            <link href="<?php echo $baseDir; ?>css/video-js.css" rel="stylesheet">
     13            <script type="text/javascript" src="<?php echo $baseDir; ?>js/video.min.js"></script>
    1014            <script>
    11                 _V_.options.flash.swf = "<?php echo $_GET['base']; ?>/misc/video-js.swf";
    12             </script>   
    13     <?php } ?>
     15                _V_.options.flash.swf = "<?php echo $baseDir; ?>misc/video-js.swf";
     16        </script>   
     17    <?php } ?>
    1418</head>
    1519
    1620<body>
    17     <div align="center">
     21    <div align="center" id="videoElement">
    1822        <?php if (!empty($_GET['media'])) { ?>
    1923            <?php if ($player == 'flowplayer') { ?>
     
    2125                       
    2226                        <script>
    23                             flowplayer("player", "<?php echo $_GET['base']; ?>misc/flowplayer-3.2.16.swf", {
     27                            flowplayer("player", "<?php echo $baseDir; ?>misc/flowplayer-3.2.16.swf", {
    2428                                clip:  {
    2529                                    autoPlay: false,
Note: See TracChangeset for help on using the changeset viewer.