lib/onebox/engine/vimeo_onebox.rb in onebox-1.7.3 vs lib/onebox/engine/vimeo_onebox.rb in onebox-1.7.4
- old
+ new
@@ -7,10 +7,11 @@
matches_regexp(/^https?:\/\/(www\.)?vimeo\.com\/\d+$/)
always_https
def placeholder_html
oembed = get_oembed
- "<img src='#{oembed[:thumbnail_url]}' width='#{oembed[:thumbnail_width]}' height='#{oembed[:thumbnail_height]}' #{Helpers.title_attr(oembed)}>"
+ escaped_src = ::Onebox::Helpers.normalize_url_for_output(oembed[:thumbnail_url])
+ "<img src='#{escaped_src}' width='#{oembed[:thumbnail_width]}' height='#{oembed[:thumbnail_height]}' #{Helpers.title_attr(oembed)}>"
end
def to_html
get_oembed[:html]
end