diff --git a/app/assets/stylesheets/common/base/onebox.scss b/app/assets/stylesheets/common/base/onebox.scss
index 368c7cf9c76..76a0576af71 100644
--- a/app/assets/stylesheets/common/base/onebox.scss
+++ b/app/assets/stylesheets/common/base/onebox.scss
@@ -866,6 +866,14 @@ aside.onebox.xkcd .onebox-body img {
justify-content: center;
align-items: center;
+ &.image {
+ &:before {
+ opacity: 0.8;
+ content: svg-uri(
+ ''
+ );
+ }
+ }
&.video {
&:before {
opacity: 0.8;
diff --git a/config/site_settings.yml b/config/site_settings.yml
index 399815b4e8c..5cfbd0eb822 100644
--- a/config/site_settings.yml
+++ b/config/site_settings.yml
@@ -1633,7 +1633,7 @@ security:
allow_any: false
choices: "['*'] + Onebox::Engine.all_iframe_origins"
allowed_iframes:
- default: "https://www.google.com/maps/embed?|https://www.openstreetmap.org/export/embed.html?|https://calendar.google.com/calendar/embed?|https://codepen.io/"
+ default: "https://www.google.com/maps/embed?|https://www.openstreetmap.org/export/embed.html?|https://calendar.google.com/calendar/embed?|https://codepen.io/|https://www.instagram.com"
type: list
list_type: simple
client: true
diff --git a/lib/onebox/engine/instagram_onebox.rb b/lib/onebox/engine/instagram_onebox.rb
index 21a8ae6c6ff..7cc96ad3d61 100644
--- a/lib/onebox/engine/instagram_onebox.rb
+++ b/lib/onebox/engine/instagram_onebox.rb
@@ -9,22 +9,41 @@ module Onebox
matches_regexp(/^https?:\/\/(?:www\.)?(?:instagram\.com|instagr\.am)\/?(?:.*)\/(?:p|tv)\/[a-zA-Z\d_-]+/)
always_https
+ requires_iframe_origins "https://www.instagram.com"
def clean_url
url.scan(/^https?:\/\/(?:www\.)?(?:instagram\.com|instagr\.am)\/?(?:.*)\/(?:p|tv)\/[a-zA-Z\d_-]+/).flatten.first
end
def data
- oembed = get_oembed
- raise "No oEmbed data found. Ensure 'facebook_app_access_token' is valid" if oembed.data.empty?
+ @data ||= begin
+ oembed = get_oembed
+ raise "No oEmbed data found. Ensure 'facebook_app_access_token' is valid" if oembed.data.empty?
- {
- link: clean_url.gsub("/#{oembed.author_name}/", "/"),
- title: "@#{oembed.author_name}",
- image: oembed.thumbnail_url,
- description: Onebox::Helpers.truncate(oembed.title, 250),
- }
+ {
+ link: clean_url.gsub("/#{oembed.author_name}/", "/") + '/embed',
+ title: "@#{oembed.author_name}",
+ image: oembed.thumbnail_url,
+ image_width: oembed.data[:thumbnail_width],
+ image_height: oembed.data[:thumbnail_height],
+ description: Onebox::Helpers.truncate(oembed.title, 250),
+ }
+ end
+ end
+ def placeholder_html
+ ::Onebox::Helpers.image_placeholder_html
+ end
+
+ def to_html
+ <<-HTML
+
+ HTML
end
protected
diff --git a/lib/onebox/helpers.rb b/lib/onebox/helpers.rb
index 94138de1ad1..4d54ac8d2ef 100644
--- a/lib/onebox/helpers.rb
+++ b/lib/onebox/helpers.rb
@@ -234,6 +234,10 @@ module Onebox
Addressable::URI.unencode(url)
end
+ def self.image_placeholder_html
+ "
"
+ end
+
def self.video_placeholder_html
"
"
end
diff --git a/spec/components/oneboxer_spec.rb b/spec/components/oneboxer_spec.rb
index 527f0545d21..21afb3abc99 100644
--- a/spec/components/oneboxer_spec.rb
+++ b/spec/components/oneboxer_spec.rb
@@ -308,7 +308,7 @@ describe Oneboxer do
end
end
- context 'facebook_app_access_token' do
+ context 'instagram' do
it 'providing a token should attempt to use new endpoint' do
url = "https://www.instagram.com/p/CHLkBERAiLa"
access_token = 'abc123'
@@ -318,7 +318,7 @@ describe Oneboxer do
stub_request(:head, url)
stub_request(:get, "https://graph.facebook.com/v9.0/instagram_oembed?url=#{url}&access_token=#{access_token}").to_return(body: response("instagram_new"))
- expect(Oneboxer.preview(url, invalidate_oneboxes: true)).not_to include('instagram-description')
+ expect(Oneboxer.preview(url, invalidate_oneboxes: true)).to include('placeholder-icon image')
end
it 'unconfigured token should attempt to use old endpoint' do
@@ -326,7 +326,15 @@ describe Oneboxer do
stub_request(:head, url)
stub_request(:get, "https://api.instagram.com/oembed/?url=#{url}").to_return(body: response("instagram_old"))
- expect(Oneboxer.preview(url, invalidate_oneboxes: true)).to include('instagram-description')
+ expect(Oneboxer.preview(url, invalidate_oneboxes: true)).to include('placeholder-icon image')
+ end
+
+ it 'renders result using an iframe' do
+ url = "https://www.instagram.com/p/CHLkBERAiLa"
+ stub_request(:head, url)
+ stub_request(:get, "https://api.instagram.com/oembed/?url=#{url}").to_return(body: response("instagram_old"))
+
+ expect(Oneboxer.onebox(url, invalidate_oneboxes: true)).to include('iframe')
end
end
diff --git a/spec/fixtures/onebox/instagram_old_onebox.response b/spec/fixtures/onebox/instagram_old_onebox.response
deleted file mode 100644
index b0c0a9a5c4e..00000000000
--- a/spec/fixtures/onebox/instagram_old_onebox.response
+++ /dev/null
@@ -1,17 +0,0 @@
-
-{
-"version": "1.0",
-"title": "Photo by Pete McBride @pedromcbride | For the first time in three decades, inhabitants of northern India are able to see the Himalaya\u2014thanks to reduced air pollution over the last few weeks. Considering that India experiences some of the worst pollution in the world, this is a literal breath of fresh air. When I was there, the air was so thick you could taste the smoke and fumes.\n\nThe coronavirus pandemic that has led to India's temporary reduction in pollutants has also put the country on the world's largest lockdown, and it's too soon to tell what impact that has had on curbing the disease\u2014as well as what the long-term effects will be on attitudes toward fresh air once the population returns to business as usual. For more on India and the environment, follow @pedromcbride. #india #himalaya #covid19 #pollution",
-"author_name": "natgeo",
-"author_url": "https://www.instagram.com/natgeo",
-"author_id": 787132, "media_id": "2310750110684704208_787132",
-"provider_name": "Instagram",
-"provider_url": "https://www.instagram.com",
-"type": "rich",
-"width": 658,
-"height": null,
-"html": "\u003cblockquote class=\"instagram-media\" data-instgrm-captioned data-instgrm-permalink=\"https://www.instagram.com/p/CARbvuYDm3Q/?utm_source=ig_embed\u0026amp;utm_campaign=loading\" data-instgrm-version=\"13\" style=\" background:#FFF; border:0; border-radius:3px; box-shadow:0 0 1px 0 rgba(0,0,0,0.5),0 1px 10px 0 rgba(0,0,0,0.15); margin: 1px; max-width:658px; min-width:326px; padding:0; width:99.375%; width:-webkit-calc(100% - 2px); width:calc(100% - 2px);\"\u003e\u003cdiv style=\"padding:16px;\"\u003e \u003ca href=\"https://www.instagram.com/p/CARbvuYDm3Q/?utm_source=ig_embed\u0026amp;utm_campaign=loading\" style=\" background:#FFFFFF; line-height:0; padding:0 0; text-align:center; text-decoration:none; width:100%;\" target=\"_blank\"\u003e \u003cdiv style=\" display: flex; flex-direction: row; align-items: center;\"\u003e \u003cdiv style=\"background-color: #F4F4F4; border-radius: 50%; flex-grow: 0; height: 40px; margin-right: 14px; width: 40px;\"\u003e\u003c/div\u003e \u003cdiv style=\"display: flex; flex-direction: column; flex-grow: 1; justify-content: center;\"\u003e \u003cdiv style=\" background-color: #F4F4F4; border-radius: 4px; flex-grow: 0; height: 14px; margin-bottom: 6px; width: 100px;\"\u003e\u003c/div\u003e \u003cdiv style=\" background-color: #F4F4F4; border-radius: 4px; flex-grow: 0; height: 14px; width: 60px;\"\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv style=\"padding: 19% 0;\"\u003e\u003c/div\u003e \u003cdiv style=\"display:block; height:50px; margin:0 auto 12px; width:50px;\"\u003e\u003csvg width=\"50px\" height=\"50px\" viewBox=\"0 0 60 60\" version=\"1.1\" xmlns=\"https://www.w3.org/2000/svg\" xmlns:xlink=\"https://www.w3.org/1999/xlink\"\u003e\u003cg stroke=\"none\" stroke-width=\"1\" fill=\"none\" fill-rule=\"evenodd\"\u003e\u003cg transform=\"translate(-511.000000, -20.000000)\" fill=\"#000000\"\u003e\u003cg\u003e\u003cpath d=\"M556.869,30.41 C554.814,30.41 553.148,32.076 553.148,34.131 C553.148,36.186 554.814,37.852 556.869,37.852 C558.924,37.852 560.59,36.186 560.59,34.131 C560.59,32.076 558.924,30.41 556.869,30.41 M541,60.657 C535.114,60.657 530.342,55.887 530.342,50 C530.342,44.114 535.114,39.342 541,39.342 C546.887,39.342 551.658,44.114 551.658,50 C551.658,55.887 546.887,60.657 541,60.657 M541,33.886 C532.1,33.886 524.886,41.1 524.886,50 C524.886,58.899 532.1,66.113 541,66.113 C549.9,66.113 557.115,58.899 557.115,50 C557.115,41.1 549.9,33.886 541,33.886 M565.378,62.101 C565.244,65.022 564.756,66.606 564.346,67.663 C563.803,69.06 563.154,70.057 562.106,71.106 C561.058,72.155 560.06,72.803 558.662,73.347 C557.607,73.757 556.021,74.244 553.102,74.378 C549.944,74.521 548.997,74.552 541,74.552 C533.003,74.552 532.056,74.521 528.898,74.378 C525.979,74.244 524.393,73.757 523.338,73.347 C521.94,72.803 520.942,72.155 519.894,71.106 C518.846,70.057 518.197,69.06 517.654,67.663 C517.244,66.606 516.755,65.022 516.623,62.101 C516.479,58.943 516.448,57.996 516.448,50 C516.448,42.003 516.479,41.056 516.623,37.899 C516.755,34.978 517.244,33.391 517.654,32.338 C518.197,30.938 518.846,29.942 519.894,28.894 C520.942,27.846 521.94,27.196 523.338,26.654 C524.393,26.244 525.979,25.756 528.898,25.623 C532.057,25.479 533.004,25.448 541,25.448 C548.997,25.448 549.943,25.479 553.102,25.623 C556.021,25.756 557.607,26.244 558.662,26.654 C560.06,27.196 561.058,27.846 562.106,28.894 C563.154,29.942 563.803,30.938 564.346,32.338 C564.756,33.391 565.244,34.978 565.378,37.899 C565.522,41.056 565.552,42.003 565.552,50 C565.552,57.996 565.522,58.943 565.378,62.101 M570.82,37.631 C570.674,34.438 570.167,32.258 569.425,30.349 C568.659,28.377 567.633,26.702 565.965,25.035 C564.297,23.368 562.623,22.342 560.652,21.575 C558.743,20.834 556.562,20.326 553.369,20.18 C550.169,20.033 549.148,20 541,20 C532.853,20 531.831,20.033 528.631,20.18 C525.438,20.326 523.257,20.834 521.349,21.575 C519.376,22.342 517.703,23.368 516.035,25.035 C514.368,26.702 513.342,28.377 512.574,30.349 C511.834,32.258 511.326,34.438 511.181,37.631 C511.035,40.831 511,41.851 511,50 C511,58.147 511.035,59.17 511.181,62.369 C511.326,65.562 511.834,67.743 512.574,69.651 C513.342,71.625 514.368,73.296 516.035,74.965 C517.703,76.634 519.376,77.658 521.349,78.425 C523.257,79.167 525.438,79.673 528.631,79.82 C531.831,79.965 532.853,80.001 541,80.001 C549.148,80.001 550.169,79.965 553.369,79.82 C556.562,79.673 558.743,79.167 560.652,78.425 C562.623,77.658 564.297,76.634 565.965,74.965 C567.633,73.296 568.659,71.625 569.425,69.651 C570.167,67.743 570.674,65.562 570.82,62.369 C570.966,59.17 571,58.147 571,50 C571,41.851 570.966,40.831 570.82,37.631\"\u003e\u003c/path\u003e\u003c/g\u003e\u003c/g\u003e\u003c/g\u003e\u003c/svg\u003e\u003c/div\u003e\u003cdiv style=\"padding-top: 8px;\"\u003e \u003cdiv style=\" color:#3897f0; font-family:Arial,sans-serif; font-size:14px; font-style:normal; font-weight:550; line-height:18px;\"\u003e View this post on Instagram\u003c/div\u003e\u003c/div\u003e\u003cdiv style=\"padding: 12.5% 0;\"\u003e\u003c/div\u003e \u003cdiv style=\"display: flex; flex-direction: row; margin-bottom: 14px; align-items: center;\"\u003e\u003cdiv\u003e \u003cdiv style=\"background-color: #F4F4F4; border-radius: 50%; height: 12.5px; width: 12.5px; transform: translateX(0px) translateY(7px);\"\u003e\u003c/div\u003e \u003cdiv style=\"background-color: #F4F4F4; height: 12.5px; transform: rotate(-45deg) translateX(3px) translateY(1px); width: 12.5px; flex-grow: 0; margin-right: 14px; margin-left: 2px;\"\u003e\u003c/div\u003e \u003cdiv style=\"background-color: #F4F4F4; border-radius: 50%; height: 12.5px; width: 12.5px; transform: translateX(9px) translateY(-18px);\"\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv style=\"margin-left: 8px;\"\u003e \u003cdiv style=\" background-color: #F4F4F4; border-radius: 50%; flex-grow: 0; height: 20px; width: 20px;\"\u003e\u003c/div\u003e \u003cdiv style=\" width: 0; height: 0; border-top: 2px solid transparent; border-left: 6px solid #f4f4f4; border-bottom: 2px solid transparent; transform: translateX(16px) translateY(-4px) rotate(30deg)\"\u003e\u003c/div\u003e\u003c/div\u003e\u003cdiv style=\"margin-left: auto;\"\u003e \u003cdiv style=\" width: 0px; border-top: 8px solid #F4F4F4; border-right: 8px solid transparent; transform: translateY(16px);\"\u003e\u003c/div\u003e \u003cdiv style=\" background-color: #F4F4F4; flex-grow: 0; height: 12px; width: 16px; transform: translateY(-4px);\"\u003e\u003c/div\u003e \u003cdiv style=\" width: 0; height: 0; border-top: 8px solid #F4F4F4; border-left: 8px solid transparent; transform: translateY(-4px) translateX(8px);\"\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e \u003cdiv style=\"display: flex; flex-direction: column; flex-grow: 1; justify-content: center; margin-bottom: 24px;\"\u003e \u003cdiv style=\" background-color: #F4F4F4; border-radius: 4px; flex-grow: 0; height: 14px; margin-bottom: 6px; width: 224px;\"\u003e\u003c/div\u003e \u003cdiv style=\" background-color: #F4F4F4; border-radius: 4px; flex-grow: 0; height: 14px; width: 144px;\"\u003e\u003c/div\u003e\u003c/div\u003e\u003c/a\u003e\u003cp style=\" color:#c9c8cd; font-family:Arial,sans-serif; font-size:14px; line-height:17px; margin-bottom:0; margin-top:8px; overflow:hidden; padding:8px 0 7px; text-align:center; text-overflow:ellipsis; white-space:nowrap;\"\u003e\u003ca href=\"https://www.instagram.com/p/CARbvuYDm3Q/?utm_source=ig_embed\u0026amp;utm_campaign=loading\" style=\" color:#c9c8cd; font-family:Arial,sans-serif; font-size:14px; font-style:normal; font-weight:normal; line-height:17px; text-decoration:none;\" target=\"_blank\"\u003eA post shared by National Geographic (@natgeo)\u003c/a\u003e\u003c/p\u003e\u003c/div\u003e\u003c/blockquote\u003e\n\u003cscript async src=\"//www.instagram.com/embed.js\"\u003e\u003c/script\u003e",
-"thumbnail_url": "https://scontent-yyz1-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/97565241_163250548553285_9172168193050746487_n.jpg?_nc_ht=scontent-yyz1-1.cdninstagram.com\u0026_nc_cat=105\u0026_nc_ohc=dnXCQ6urT_gAX99AO01\u0026_nc_tp=24\u0026oh=32b676a618164ab0248e2726767dae14\u0026oe=5FDD8836",
-"thumbnail_width": 640,
-"thumbnail_height": 427
-}
diff --git a/spec/lib/onebox/engine/instagram_onebox_spec.rb b/spec/lib/onebox/engine/instagram_onebox_spec.rb
index 9924e7064ac..f0d5c672b53 100644
--- a/spec/lib/onebox/engine/instagram_onebox_spec.rb
+++ b/spec/lib/onebox/engine/instagram_onebox_spec.rb
@@ -5,22 +5,23 @@ require "rails_helper"
describe Onebox::Engine::InstagramOnebox do
let(:access_token) { 'abc123' }
let(:link) { "https://www.instagram.com/p/CARbvuYDm3Q" }
+ let(:onebox_options) { { allowed_iframe_regexes: Onebox::Engine.origins_to_regexes(["https://www.instagram.com"]) } }
it 'oneboxes links that include the username' do
link_with_profile = 'https://www.instagram.com/bennyblood24/p/CARbvuYDm3Q/'
- onebox_klass = Onebox::Matcher.new(link_with_profile).oneboxed
+ onebox_klass = Onebox::Matcher.new(link_with_profile, onebox_options).oneboxed
expect(onebox_klass.name).to eq(described_class.name)
end
it 'oneboxes photo links' do
photo_link = 'https://www.instagram.com/p/CARbvuYDm3Q/'
- onebox_klass = Onebox::Matcher.new(photo_link).oneboxed
+ onebox_klass = Onebox::Matcher.new(photo_link, onebox_options).oneboxed
expect(onebox_klass.name).to eq(described_class.name)
end
it 'oneboxes tv links' do
tv_link = "https://www.instagram.com/tv/CIlM7UzMgXO/?hl=en"
- onebox_klass = Onebox::Matcher.new(tv_link).oneboxed
+ onebox_klass = Onebox::Matcher.new(tv_link, onebox_options).oneboxed
expect(onebox_klass.name).to eq(described_class.name)
end
@@ -28,6 +29,7 @@ describe Onebox::Engine::InstagramOnebox do
let(:api_link) { "https://graph.facebook.com/v9.0/instagram_oembed?url=#{link}&access_token=#{access_token}" }
before do
+ stub_request(:head, link)
stub_request(:get, api_link).to_return(status: 200, body: onebox_response("instagram"))
stub_request(:get, "https://api.instagram.com/oembed/?url=https://www.instagram.com/p/CARbvuYDm3Q")
.to_return(status: 200, body: onebox_response("instagram"))
@@ -39,18 +41,15 @@ describe Onebox::Engine::InstagramOnebox do
Onebox.options = @previous_options
end
- it "includes title" do
- onebox = described_class.new(link)
- html = onebox.to_html
-
- expect(html).to include('@natgeo')
+ it "renders preview with a placeholder" do
+ expect(Oneboxer.preview(link, invalidate_oneboxes: true)).to include('placeholder-icon image')
end
- it "includes image" do
+ it "renders html using an iframe" do
onebox = described_class.new(link)
html = onebox.to_html
- expect(html).to include("https://scontent.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/97565241_163250548553285_9172168193050746487_n.jpg")
+ expect(html).to include('@natgeo')
+ it "renders preview with a placeholder" do
+ expect(Oneboxer.preview(link, invalidate_oneboxes: true)).to include('placeholder-icon image')
end
- it "includes image" do
- expect(html).to include("https://scontent-yyz1-1.cdninstagram.com/v/t51.2885-15/sh0.08/e35/s640x640/97565241_163250548553285_9172168193050746487_n.jpg")
+ it "renders html using an iframe" do
+ expect(html).to include('