From 2fe40c752b4272484972f141e406fbcb7fa0cdb8 Mon Sep 17 00:00:00 2001
From: tdro <tdro@noreply.example.com>
Date: Sat, 3 Dec 2022 01:02:40 -0500
Subject: themes/default/layouts/shortcodes/video.html: Default to self always

To avoid hotlinking by mistake. Support media start and end fragments
(https://www.w3.org/TR/media-frags/) separately. Add remote parameter
for offloading to source
---
 config.json                                         |  7 +------
 config.toml                                         |  8 ++++----
 config.yaml                                         | 10 +++++-----
 .../default/layouts/partials/video-container.html   | 21 ++++++++++++++++++---
 themes/default/layouts/shortcodes/imgur.html        | 13 -------------
 themes/default/layouts/shortcodes/version.html      |  2 +-
 themes/default/layouts/shortcodes/video.html        |  5 +++--
 7 files changed, 32 insertions(+), 34 deletions(-)
 delete mode 100644 themes/default/layouts/shortcodes/imgur.html

diff --git a/config.json b/config.json
index fc57fbe..25762ab 100644
--- a/config.json
+++ b/config.json
@@ -130,7 +130,6 @@
       ],
       "frame-src": [
         "'self'",
-        "imgur.com",
         "www.youtube-nocookie.com",
         "platform.twitter.com",
         "en.m.wikipedia.org",
@@ -146,9 +145,7 @@
         "'self'"
       ],
       "media-src": [
-        "'self'",
-        "raw.githubusercontent.com",
-        "i.imgur.com"
+        "'self'"
       ],
       "object-src": [
         "'self'",
@@ -159,12 +156,10 @@
       ],
       "script-src-elem": [
         "'self'",
-        "s.imgur.com",
         "platform.twitter.com"
       ],
       "script-src": [
         "'self'",
-        "s.imgur.com",
         "platform.twitter.com"
       ],
       "style-src": [
diff --git a/config.toml b/config.toml
index 386076b..e8e9778 100644
--- a/config.toml
+++ b/config.toml
@@ -108,14 +108,14 @@ enableRobotsTXT = true
     default-src = ["'self'"]
     font-src = ["'self'"]
     form-action = ["'self'", "lite.duckduckgo.com"]
-    frame-src = ["'self'", "imgur.com", "www.youtube-nocookie.com", "platform.twitter.com", "en.m.wikipedia.org", "odysee.com", "www.gutenberg.org"]
+    frame-src = ["'self'", "www.youtube-nocookie.com", "platform.twitter.com", "en.m.wikipedia.org", "odysee.com", "www.gutenberg.org"]
     img-src = ["'self'", "http://preview.test", "www.gutenberg.org"]
     manifest-src = ["'self'"]
-    media-src = ["'self'", "raw.githubusercontent.com", "i.imgur.com"]
+    media-src = ["'self'"]
     object-src = ["'self'", "www.gutenberg.org"]
     prefetch-src = ["'self'"]
-    script-src-elem = ["'self'", "s.imgur.com", "platform.twitter.com"]
-    script-src = ["'self'", "s.imgur.com", "platform.twitter.com"]
+    script-src-elem = ["'self'", "platform.twitter.com"]
+    script-src = ["'self'", "platform.twitter.com"]
     style-src = ["'self'", "'unsafe-inline'", "http://preview.test"]
     worker-src = ["'self'"]
 
diff --git a/config.yaml b/config.yaml
index bb55ea4..5dbe841 100644
--- a/config.yaml
+++ b/config.yaml
@@ -96,15 +96,15 @@ params:
     default-src: ["'self'"]
     font-src: ["'self'"]
     form-action: ["'self'", lite.duckduckgo.com]
-    frame-src: ["'self'", imgur.com, www.youtube-nocookie.com, platform.twitter.com,
-      en.m.wikipedia.org, odysee.com, www.gutenberg.org]
+    frame-src: ["'self'", www.youtube-nocookie.com, platform.twitter.com, en.m.wikipedia.org,
+      odysee.com, www.gutenberg.org]
     img-src: ["'self'", http://preview.test, www.gutenberg.org]
     manifest-src: ["'self'"]
-    media-src: ["'self'", raw.githubusercontent.com, i.imgur.com]
+    media-src: ["'self'"]
     object-src: ["'self'", www.gutenberg.org]
     prefetch-src: ["'self'"]
-    script-src-elem: ["'self'", s.imgur.com, platform.twitter.com]
-    script-src: ["'self'", s.imgur.com, platform.twitter.com]
+    script-src-elem: ["'self'", platform.twitter.com]
+    script-src: ["'self'", platform.twitter.com]
     style-src: ["'self'", "'unsafe-inline'", http://preview.test]
     worker-src: ["'self'"]
   search:
diff --git a/themes/default/layouts/partials/video-container.html b/themes/default/layouts/partials/video-container.html
index 488d4ec..520a16d 100644
--- a/themes/default/layouts/partials/video-container.html
+++ b/themes/default/layouts/partials/video-container.html
@@ -1,12 +1,22 @@
 {{- $cache      := "" -}}
+{{- $source     := "" -}}
 {{- $timestamp  := "" -}}
 {{- $caption    := .Caption -}}
+{{- $remote     := .Remote -}}
 {{- $public     := print "public/" .Source -}}
 {{- $immutable  := print (.RelURL | humanize | urlize) "-" (.Source | sha256 | truncate 8 "") -}}
 {{- $extension  := path.Ext .Source -}}
 {{- $fileCache  := print $.Author "/media/" $immutable $extension -}}
 {{- $notCached  := not (fileExists (path.Join "public/" $fileCache)) -}}
 
+{{- if .Start -}}
+  {{- $timestamp = print "#t=" .Start -}}
+{{- end -}}
+
+{{- if .End -}}
+  {{- $timestamp = print "#t=," .End -}}
+{{- end -}}
+
 {{- if and .Start .End -}}
   {{- $timestamp = print "#t=" .Start "," .End -}}
 {{- end -}}
@@ -14,8 +24,7 @@
 {{- if $notCached -}}
   {{- with $remote := resources.GetRemote .Source -}}
     {{- with .Err -}}
-      {{- if fileExists $public -}}
-      {{- else -}}
+      {{- if not (fileExists $public) -}}
         {{- $caption = "No local video data found for source" -}}
       {{- end -}}
     {{- else -}}
@@ -31,6 +40,12 @@
   {{- $cache = $cache.Permalink -}}
 {{- end -}}
 
+{{- $source = $cache -}}
+
+{{- if .Remote -}}
+  {{- $source = .Source -}}
+{{- end -}}
+
 <video-container>
   <video
     title="{{ .Title }}"
@@ -40,7 +55,7 @@
     {{ with .Width }} width="{{ . }}" {{ end -}}
     {{ with .Height }} height="{{ . }}" {{ end -}}
     {{ .Options | safeHTMLAttr }}>
-      <source src="{{ or .Source .Cache }}{{ $timestamp }}">
+      <source src="{{ $source }}{{ $timestamp }}">
       {{ print "Video: " $caption "." | markdownify }}
       <p>
         Sorry, your browser does not support embedded videos. Here is a
diff --git a/themes/default/layouts/shortcodes/imgur.html b/themes/default/layouts/shortcodes/imgur.html
deleted file mode 100644
index f51bcef..0000000
--- a/themes/default/layouts/shortcodes/imgur.html
+++ /dev/null
@@ -1,13 +0,0 @@
-{{- $id := default "mkVcxUi" (.Get "id" | default (.Get 0)) -}}
-
-<imgur-image>
-  <blockquote
-    class="imgur-embed-pub"
-    lang="en"
-    data-id="a/{{ $id }}"
-    data-context="false"
-  >
-    <a href="//imgur.com/a/{{ $id }}"></a>
-  </blockquote>
-  <script async src="//s.imgur.com/min/embed.js" charset="utf-8"></script>
-</imgur-image>
diff --git a/themes/default/layouts/shortcodes/version.html b/themes/default/layouts/shortcodes/version.html
index c34a53d..9c993b3 100644
--- a/themes/default/layouts/shortcodes/version.html
+++ b/themes/default/layouts/shortcodes/version.html
@@ -1,4 +1,4 @@
-{{- $version := "0.11.6" -}}
+{{- $version := "0.11.7" -}}
 {{- $number := default false (.Get "number" | default (.Get 0)) -}}
 {{- $clone  := default false (.Get "clone"  | default (.Get 1)) -}}
 
diff --git a/themes/default/layouts/shortcodes/video.html b/themes/default/layouts/shortcodes/video.html
index 1aadbbd..64de78f 100644
--- a/themes/default/layouts/shortcodes/video.html
+++ b/themes/default/layouts/shortcodes/video.html
@@ -13,6 +13,7 @@
 {{- $start       := default ""               (.Get "start"       | default (.Get 8)) -}}
 {{- $end         := default ""               (.Get "end"         | default (.Get 9)) -}}
 {{- $orientation := default "landscape"      (.Get "orientation" | default (.Get 10)) -}}
+{{- $remote      := default ""               (.Get "remote"      | default (.Get 11)) -}}
 
 {{- partial "video-container.html"
   (dict
@@ -21,14 +22,14 @@
     "End"         $end
     "Height"      $height
     "Options"     $options
+    "Orientation" $orientation
     "Poster"      $poster
     "Preload"     $preload
     "RelURL"      (strings.TrimPrefix .Site.BaseURL .Page.Permalink)
-    "Source"      $source
+    "Remote"      $remote
     "Source"      $source
     "Start"       $start
     "Title"       $title
     "Width"       $width
-    "Orientation" $orientation
   )
 -}}
-- 
cgit v1.2.3