Omit mozallowfullscreen & webkitallowfullscreen when sanitizing i…

…frame (#3698)
ampproject · Nov 7, 2019 · 8412733 · 8412733
1 parent 24a8e48
commit 8412733
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 0 deletions.
diff --git a/includes/sanitizers/class-amp-iframe-sanitizer.php b/includes/sanitizers/class-amp-iframe-sanitizer.php
@@ -217,6 +217,11 @@ private function normalize_attributes( $attributes ) {
 					}
 					break;
 
+				case 'mozallowfullscreen':
+				case 'webkitallowfullscreen':
+					// Omit these since amp-iframe will add them if needed if the `allowfullscreen` attribute is present.
+					break;
+
 				default:
 					$out[ $name ] = $value;
 					break;

diff --git a/tests/php/test-amp-iframe-sanitizer.php b/tests/php/test-amp-iframe-sanitizer.php
@@ -400,6 +400,16 @@ public function get_data() {
 					'add_dev_mode' => true,
 				],
 			],
+
+			'iframe_with_mozallowfullscreen_and_webkitallowfullscreen_attrs' => [
+				'<iframe title="Why Backbone" id="talk_frame_48643" src="//speakerdeck.com/player/4648d440a3230130452522b217532879" width="640" height="480" style="border:0; padding:0; margin:0; background:transparent;" frameborder="0" allowtransparency="true" allowfullscreen="allowfullscreen" mozallowfullscreen="true" webkitallowfullscreen="true"></iframe>',
+				'
+					<amp-iframe title="Why Backbone" id="talk_frame_48643" src="https://speakerdeck.com/player/4648d440a3230130452522b217532879" width="640" height="480" style="border:0; padding:0; margin:0; background:transparent;" frameborder="0" allowtransparency="" allowfullscreen="" sandbox="allow-scripts allow-same-origin" layout="intrinsic" class="amp-wp-enforced-sizes">
+						<noscript>
+							<iframe title="Why Backbone" id="talk_frame_48643" src="https://speakerdeck.com/player/4648d440a3230130452522b217532879" width="640" height="480" style="border:0; padding:0; margin:0; background:transparent;" frameborder="0"></iframe>
+						</noscript>
+					</amp-iframe>',
+			],
 		];
 	}