├── .gitattributes
├── .gitignore
├── iframe.php
├── readme.txt
└── screenshot-1.png


/.gitattributes:
--------------------------------------------------------------------------------
 1 | # Auto detect text files and perform LF normalization
 2 | * text=auto
 3 | 
 4 | # Custom for Visual Studio
 5 | *.cs     diff=csharp
 6 | 
 7 | # Standard to msysgit
 8 | *.doc	 diff=astextplain
 9 | *.DOC	 diff=astextplain
10 | *.docx diff=astextplain
11 | *.DOCX diff=astextplain
12 | *.dot  diff=astextplain
13 | *.DOT  diff=astextplain
14 | *.pdf  diff=astextplain
15 | *.PDF	 diff=astextplain
16 | *.rtf	 diff=astextplain
17 | *.RTF	 diff=astextplain
18 | 


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
 1 | # Windows image file caches
 2 | Thumbs.db
 3 | ehthumbs.db
 4 | 
 5 | # Folder config file
 6 | Desktop.ini
 7 | 
 8 | # Recycle Bin used on file shares
 9 | $RECYCLE.BIN/
10 | 
11 | # Windows Installer files
12 | *.cab
13 | *.msi
14 | *.msm
15 | *.msp
16 | 
17 | # Windows shortcuts
18 | *.lnk
19 | 
20 | # =========================
21 | # Operating System Files
22 | # =========================
23 | 
24 | # OSX
25 | # =========================
26 | 
27 | .DS_Store
28 | .AppleDouble
29 | .LSOverride
30 | 
31 | # Thumbnails
32 | ._*
33 | 
34 | # Files that might appear on external disk
35 | .Spotlight-V100
36 | .Trashes
37 | 
38 | # Directories potentially created on remote AFP share
39 | .AppleDB
40 | .AppleDesktop
41 | Network Trash Folder
42 | Temporary Items
43 | .apdisk
44 | 


--------------------------------------------------------------------------------
/iframe.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | /*
 3 | Plugin Name: iframe
 4 | Plugin URI: http://wordpress.org/plugins/iframe/
 5 | Description: [iframe src="http://www.youtube.com/embed/7_nAZQt9qu0" width="100%" height="500"] shortcode
 6 | Version: 5.2
 7 | Author: webvitaly
 8 | Author URI: http://web-profile.net/wordpress/plugins/
 9 | License: GPLv3
10 | */
11 | 
12 | if ( ! defined( 'ABSPATH' ) ) { // Avoid direct calls to this file and prevent full path disclosure
13 | 	exit;
14 | }
15 | 
16 | define('IFRAME_PLUGIN_VERSION', '5.2');
17 | 
18 | function iframe_plugin_add_shortcode_cb( $atts ) {
19 | 	$defaults = array(
20 | 		//'src' => 'http://www.youtube.com/embed/7_nAZQt9qu0',
21 | 		'width' => '100%',
22 | 		'height' => '500',
23 | 		'scrolling' => 'yes',
24 | 		'class' => 'iframe-class',
25 | 		'frameborder' => '0'
26 | 	);
27 | 
28 | 	if ( ! is_array( $atts ) ) {
29 | 		$atts = array();
30 | 	}
31 | 
32 | 	foreach ( $defaults as $default => $value ) { // add defaults
33 | 		if ( ! @array_key_exists( $default, $atts ) ) { // mute warning with "@" when no params at all
34 | 			$atts[$default] = $value;
35 | 		}
36 | 	}
37 | 
38 | 	$html = "\n".'<!-- iframe plugin v.'.IFRAME_PLUGIN_VERSION.' wordpress.org/plugins/iframe/ -->'."\n";
39 | 	$html .= '<iframe';
40 | 	foreach( $atts as $attr => $value ) {
41 | 		if ( strtolower($attr) == 'src' ) { // sanitize url
42 | 			$value = esc_url( $value );
43 | 		}
44 | 
45 | 		// Remove 'srcdoc' attribute
46 | 		if ( strtolower($attr) == 'srcdoc' ) {
47 | 			continue;
48 | 		}
49 | 
50 | 		// Skip attributes starting with "on". Examples: onload, onmouseover, onfocus, onpageshow, onclick
51 | 		if ( strpos( strtolower( $attr ), 'on' ) === 0 ) {
52 | 			continue;
53 | 		}
54 | 
55 | 		if ($value !== '') { // adding all attributes
56 | 			$html .= ' ' . esc_attr($attr) . '="' . esc_attr($value) . '"';
57 | 		} else { // adding empty attributes
58 | 			$html .= ' ' . esc_attr($attr);
59 | 		}
60 | 	}
61 | 	$html .= '></iframe>'."\n";
62 | 
63 | 	if ( isset( $atts["same_height_as"] ) ) {
64 | 		$html .= '
65 | 			<script>
66 | 			document.addEventListener("DOMContentLoaded", function(){
67 | 				var target_element, iframe_element;
68 | 				iframe_element = document.querySelector("iframe.' . esc_attr( $atts["class"] ) . '");
69 | 				target_element = document.querySelector("' . esc_attr( $atts["same_height_as"] ) . '");
70 | 				iframe_element.style.height = target_element.offsetHeight + "px";
71 | 			});
72 | 			</script>
73 | 		';
74 | 	}
75 | 
76 | 	return $html;
77 | }
78 | add_shortcode( 'iframe', 'iframe_plugin_add_shortcode_cb' );
79 | 
80 | 
81 | function iframe_plugin_row_meta_cb( $links, $file ) {
82 | 	if ( $file == plugin_basename( __FILE__ ) ) {
83 | 		$row_meta = array(
84 | 			'support' => '<a href="http://web-profile.net/wordpress/plugins/iframe/" target="_blank">' . __( 'Iframe', 'iframe' ) . '</a>',
85 | 			'donate' => '<a href="http://web-profile.net/donate/" target="_blank">' . __( 'Donate', 'iframe' ) . '</a>'
86 | 		);
87 | 		$links = array_merge( $links, $row_meta );
88 | 	}
89 | 	return (array) $links;
90 | }
91 | add_filter( 'plugin_row_meta', 'iframe_plugin_row_meta_cb', 10, 2 );
92 | 


--------------------------------------------------------------------------------
/readme.txt:
--------------------------------------------------------------------------------
  1 | === iframe ===
  2 | Contributors: webvitaly
  3 | Donate link: http://web-profile.net/donate/
  4 | Tags: iframe, embed, youtube, vimeo, google-maps
  5 | Requires at least: 3.0
  6 | Tested up to: 6.7.1
  7 | Stable tag: 5.2
  8 | License: GPLv3
  9 | License URI: http://www.gnu.org/licenses/gpl.html
 10 | 
 11 | [iframe src="http://www.youtube.com/embed/7_nAZQt9qu0" width="100%" height="500"] shortcode
 12 | 
 13 | == Description ==
 14 | 
 15 | * **[iframe](http://web-profile.net/wordpress/plugins/iframe/ "Plugin page")**
 16 | * **[Donate](http://web-profile.net/donate/ "Support the development")**
 17 | * **[GitHub](https://github.com/webvitalii/iframe "Fork")**
 18 | 
 19 | [iframe src="http://www.youtube.com/embed/7_nAZQt9qu0" width="100%" height="500"] shortcode
 20 | should show something like this:
 21 | 
 22 | [youtube http://www.youtube.com/watch?v=7_nAZQt9qu0]
 23 | 
 24 | 
 25 | WordPress removes iframe html tags because of security reasons.
 26 | Iframe shortcode is the replacement of the iframe html tag and accepts the same params as iframe html tag does.
 27 | You may use iframe shortcode to embed content from YouTube, Vimeo, Google Maps or from any external page.
 28 | 
 29 | 
 30 | If you need to embed content from YouTube, Vimeo, SlideShare, SoundCloud, Twitter via direct link, you may use `[embed]http://www.youtube.com/watch?v=7_nAZQt9qu0[/embed]` shortcode.
 31 | [embed] shortcode is a core WordPress feature and can [embed content from many resources via direct link](http://codex.wordpress.org/Embeds).
 32 | 
 33 | **Important**: You can not embed HTTP pages into HTTPS pages and vice versa.
 34 | So the protocol (http or httpS) for parent and embedded page should match.
 35 | 
 36 | 
 37 | = iframe params: =
 38 | * **src** - source of the iframe: `[iframe src="http://www.youtube.com/embed/7_nAZQt9qu0"]`; by default src="http://www.youtube.com/embed/7_nAZQt9qu0";
 39 | * **width** - width in pixels or in percents: `[iframe width="100%"]` or `[iframe width="600"]`; by default width="100%";
 40 | * **height** - height in pixels: `[iframe height="500"]`; by default height="500";
 41 | * **scrolling** - with or without the scrollbar: `[iframe scrolling="no"]`; by default scrolling="yes";
 42 | * **frameborder** - with or without the frame border: `[iframe frameborder="0"]`; by default frameborder="0";
 43 | * **marginheight** - height of the margin: `[iframe marginheight="0"]`; removed by default;
 44 | * **marginwidth** - width of the margin: `[iframe marginwidth="0"]`; removed by default;
 45 | * **allowtransparency** - allows to set transparency of the iframe: `[iframe allowtransparency="true"]`; removed by default;
 46 | * **id** - allows to add the id of the iframe: `[iframe id="custom_id"]`; removed by default;
 47 | * **class** - allows to add the class of the iframe: `[iframe class="custom_class"]`; by default class="iframe-class";
 48 | * **style** - allows to add the css styles of the iframe: `[iframe style="margin-left:-30px;"]`; removed by default;
 49 | * **same_height_as** - allows to set the height of iframe same as target element: `[iframe same_height_as="div.sidebar"]`, `[iframe same_height_as="div#content"]`, `[iframe same_height_as="body"]`, `[iframe same_height_as="html"]`; removed by default;
 50 | * **any_other_param** - allows to add new parameter of the iframe `[iframe any_other_param="any_value"]`;
 51 | * **any_other_empty_param** - allows to add new empty parameter of the iframe (like "allowfullscreen" on youtube) `[iframe any_other_empty_param=""]`;
 52 | 
 53 | == Screenshots ==
 54 | 
 55 | 1. [iframe] shortcode
 56 | 
 57 | == Changelog ==
 58 | 
 59 | = 5.2 =
 60 | * minor update
 61 | 
 62 | = 5.1 =
 63 | * removed srcdoc attribute completely
 64 | 
 65 | = 5.0 =
 66 | * fixed the $atts string/array error.
 67 | 
 68 | = 4.9 =
 69 | * sanitized srcdoc attribute more.
 70 | 
 71 | = 4.8 =
 72 | * sanitized srcdoc attribute.
 73 | 
 74 | = 4.7 =
 75 | * remove all attributes starting with "on". Examples: onload, onmouseover, onfocus, onpageshow, onclick.
 76 | 
 77 | = 4.6 =
 78 | * removed onmouseover and onfocus attributes.
 79 | 
 80 | = 4.5 =
 81 | * sanitize URL.
 82 | 
 83 | = 4.4 =
 84 | * minor cleanup.
 85 | 
 86 | = 4.3 =
 87 | * minor refactoring.
 88 | 
 89 | = 4.2 =
 90 | * minor bugfixing.
 91 | 
 92 | = 4.1 =
 93 | * removed onpageshow and onclick params. Reason: XSS vulnerability (thanks to dxw.com).
 94 | 
 95 | = 4.0 =
 96 | * removed get_params_from_url param. Reason: XSS vulnerability (thanks to dxw.com).
 97 | If you still need this feature you can [download iframe ver 3.0[(https://wordpress.org/plugins/iframe/developers/) and stick to it but keep in mind of XSS vulnerability.
 98 | * removed onload param. Reason: XSS vulnerability (thanks to dxw.com).
 99 | * escaping attributes
100 | 
101 | = 3.0 =
102 | * removed same_height_as="content", same_height_as="window", same_height_as="document" features because it was not working properly
103 | * rewrote the javascript-code using pure JavaScript and without jQuery - no need to load jQuery for every site using iframe plugin
104 | * removed function_exists check because each function has unique prefix
105 | * code refactored
106 | * update docs
107 | * set height="500" instead of 480 by default
108 | * set scrolling="yes" instead of "no" by default
109 | 
110 | = 2.9 =
111 | * remove '&' from the end of the string in 'get_params_from_url' param
112 | 
113 | = 2.8 =
114 | * remove fix for google maps
115 | 
116 | = 2.7 =
117 | * minor changes
118 | 
119 | = 2.6 =
120 | * minor changes
121 | 
122 | = 2.5 =
123 | * added 'get_params_from_url' (thanks to Nathanael Majoros)
124 | 
125 | = 2.4 =
126 | * minor changes
127 | 
128 | = 2.3 =
129 | * small fixes
130 | * added (src="http://www.youtube.com/embed/7_nAZQt9qu0") by default
131 | 
132 | = 2.2 =
133 | * fixed bug (Notice: Undefined index: same_height_as)
134 | 
135 | = 2.1 =
136 | * added (frameborder="0") by default
137 | 
138 | = 2.0 =
139 | * plugin core rebuild (thanks to Gregg Tavares)
140 | * remove not setted params except the defaults
141 | * added support for all params, which user will set
142 | * added support for empty params (like "allowfullscreen" on youtube)
143 | 
144 | = 1.8 =
145 | * Added style parameter
146 | 
147 | = 1.7 =
148 | * Fixing minor bugs
149 | 
150 | = 1.6.0 =
151 | * Added auto-height feature (thanks to Willem Veelenturf)
152 | 
153 | = 1.5.0 =
154 | * Using native jQuery from include directory
155 | * Improved "same_height_as" parameter
156 | 
157 | = 1.4.0 =
158 | * Added "same_height_as" parameter
159 | 
160 | = 1.3.0 =
161 | * Added "id" and "class" parameters
162 | 
163 | = 1.2.0 =
164 | * Added "output=embed" fix to Google Map
165 | 
166 | = 1.1.0 =
167 | * Parameter allowtransparency added (thanks to Kent)
168 | 
169 | = 1.0.0 =
170 | * Initial release
171 | 
172 | == Installation ==
173 | 
174 | 1. install and activate the plugin on the Plugins page
175 | 2. add shortcode `[iframe src="http://www.youtube.com/embed/7_nAZQt9qu0" width="100%" height="500"]` to page or post content
176 | 


--------------------------------------------------------------------------------
/screenshot-1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/webvitalii/iframe/f5b4412da06570b0bfaf7732c3661ff225c16682/screenshot-1.png


--------------------------------------------------------------------------------