diff --git a/classes/Controller/FrontController.php b/classes/Controller/FrontController.php index fa0478b..725d224 100644 --- a/classes/Controller/FrontController.php +++ b/classes/Controller/FrontController.php @@ -222,6 +222,25 @@ class FrontController extends BaseController } } + /* Fetch the thumbnail, if it exists, and add a data URI to the video object */ + if (isset($this->video->thumbnail) && $this->video->thumbnail !== '') { + /* Fetch the thumbnail */ + $thumbnailData = file_get_contents($this->video->thumbnail); + $thumbnailData = base64_encode($thumbnailData); + /* Guess the mime type */ + $thumbnailMime = 'image/jpeg'; + + if (strpos($this->video->thumbnail, '.png') !== false) { + $thumbnailMime = 'image/png'; + } elseif (strpos($this->video->thumbnail, '.gif') !== false) { + $thumbnailMime = 'image/gif'; + } elseif (strpos($this->video->thumbnail, '.webp') !== false) { + $thumbnailMime = 'image/webp'; + } + + $this->video->thumbnail = 'data:' . $thumbnailMime . ';base64,' . $thumbnailData; + } + $this->view->render( $response, $template, diff --git a/classes/Middleware/CspMiddleware.php b/classes/Middleware/CspMiddleware.php index 3fa21cd..859162a 100644 --- a/classes/Middleware/CspMiddleware.php +++ b/classes/Middleware/CspMiddleware.php @@ -44,13 +44,13 @@ class CspMiddleware ->addDirective('base-uri', []) ->addDirective('frame-ancestors', []) ->addSource('form-action', '*') - ->addSource('img-src', '*'); + ->addSource('img-src', '*') + ->addSource('img-src', 'data:'); if ($this->config->debug) { // So maximebf/debugbar, symfony/debug and symfony/error-handler can work. $csp->setDirective('script-src', ['self' => true, 'unsafe-inline' => true]) - ->setDirective('style-src', ['self' => true, 'unsafe-inline' => true]) - ->addSource('img-src', 'data:'); + ->setDirective('style-src', ['self' => true, 'unsafe-inline' => true]); } return $csp->injectCSPHeader($response);