Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[MM-55261] Allow embedded video links to go fullscreen after a permission check #2905

Merged
merged 1 commit into from
Nov 10, 2023
Merged

[MM-55261] Allow embedded video links to go fullscreen after a permission check #2905

merged 1 commit into from
Nov 10, 2023

Conversation

devinbinnie
Copy link
Member

Summary

When adding per-server permissions, I neglected to test for YouTube and other embedded videos that will want to fullscreen the app. Those requests always come from the video's source and would get auto-denied otherwise.

This PR adds an exception for the fullscreen permission to allow the user to decide whether to allow/deny the full screen permission, which allows these embedded videos to work again.

Ticket Link

https://mattermost.atlassian.net/browse/MM-55261

Fix an issue where user's could not fullscreen embedded videos.

@devinbinnie devinbinnie added 2: Dev Review Requires review by a core committer 3: Security Review Review requested from Security Team labels Nov 8, 2023
@devinbinnie devinbinnie added this to the v5.6.0 milestone Nov 8, 2023
marianunez
marianunez reviewed Nov 8, 2023
View reviewed changes
src/main/permissionsManager.ts
// is the requesting url trusted?
if (!(isTrustedURL(parsedURL, serverURL) || (permission === 'media' && parsedURL.origin === serverURL.origin))) {
if (!(isTrustedURL(parsedURL, serverURL) || (permission === 'media' && parsedURL.origin === serverURL.origin) || isExternalFullscreen)) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we want to ask permission or not for external full screen? Is this supposed to be !isExternalFullscreen?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We do, there's an additional ! at the beginning of that statement.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah gotcha, didn't see that it was added in the two parenthesis there

esarafianou
esarafianou approved these changes Nov 10, 2023
View reviewed changes
Copy link
Contributor

@esarafianou esarafianou left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@devinbinnie devinbinnie merged commit a107127 into mattermost:master Nov 10, 2023
23 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@esarafianou esarafianou esarafianou approved these changes

@larkox larkox larkox approved these changes

@marianunez marianunez marianunez approved these changes

Assignees
No one assigned
Labels
2: Dev Review Requires review by a core committer 3: Security Review Review requested from Security Team release-note
Projects
None yet
Milestone
v5.6.0
Development

Successfully merging this pull request may close these issues.
5 participants
@devinbinnie @marianunez @larkox @esarafianou @mm-cloud-bot