class MediaSettingsForm in Drupal 9
Same name and namespace in other branches
- 8 core/modules/media/src/Form/MediaSettingsForm.php \Drupal\media\Form\MediaSettingsForm
Provides a form to configure Media settings.
@internal
Hierarchy
- class \Drupal\Core\Form\FormBase implements ContainerInjectionInterface, FormInterface uses DependencySerializationTrait, LoggerChannelTrait, MessengerTrait, RedirectDestinationTrait, StringTranslationTrait
- class \Drupal\Core\Form\ConfigFormBase uses ConfigFormBaseTrait
- class \Drupal\media\Form\MediaSettingsForm
- class \Drupal\Core\Form\ConfigFormBase uses ConfigFormBaseTrait
Expanded class hierarchy of MediaSettingsForm
1 string reference to 'MediaSettingsForm'
- media.routing.yml in core/
modules/ media/ media.routing.yml - core/modules/media/media.routing.yml
File
- core/
modules/ media/ src/ Form/ MediaSettingsForm.php, line 17
Namespace
Drupal\media\FormView source
class MediaSettingsForm extends ConfigFormBase {
/**
* The iFrame URL helper service.
*
* @var \Drupal\media\IFrameUrlHelper
*/
protected $iFrameUrlHelper;
/**
* The entity type manager.
*
* @var \Drupal\Core\Entity\EntityTypeManagerInterface
*/
protected $entityTypeManager;
/**
* MediaSettingsForm constructor.
*
* @param \Drupal\Core\Config\ConfigFactoryInterface $config_factory
* The config factory service.
* @param \Drupal\media\IFrameUrlHelper $iframe_url_helper
* The iFrame URL helper service.
* @param \Drupal\Core\Entity\EntityTypeManagerInterface $entity_type_manager
* The entity type manager.
*/
public function __construct(ConfigFactoryInterface $config_factory, IFrameUrlHelper $iframe_url_helper, EntityTypeManagerInterface $entity_type_manager) {
parent::__construct($config_factory);
$this->iFrameUrlHelper = $iframe_url_helper;
$this->entityTypeManager = $entity_type_manager;
}
/**
* {@inheritdoc}
*/
public static function create(ContainerInterface $container) {
return new static($container
->get('config.factory'), $container
->get('media.oembed.iframe_url_helper'), $container
->get('entity_type.manager'));
}
/**
* {@inheritdoc}
*/
public function getFormId() {
return 'media_settings_form';
}
/**
* {@inheritdoc}
*/
protected function getEditableConfigNames() {
return [
'media.settings',
];
}
/**
* {@inheritdoc}
*/
public function buildForm(array $form, FormStateInterface $form_state) {
$domain = $this
->config('media.settings')
->get('iframe_domain');
if (!$this->iFrameUrlHelper
->isSecure($domain)) {
$message = $this
->t('It is potentially insecure to display oEmbed content in a frame that is served from the same domain as your main Drupal site, as this may allow execution of third-party code. Refer to <a href="https://oembed.com/#section3">oEmbed Security Considerations</a>.');
$this
->messenger()
->addWarning($message);
}
$description = '<p>' . $this
->t('Displaying media assets from third-party services, such as YouTube or Twitter, can be risky. This is because many of these services return arbitrary HTML to represent those assets, and that HTML may contain executable JavaScript code. If handled improperly, this can increase the risk of your site being compromised.') . '</p>';
$description .= '<p>' . $this
->t('In order to mitigate the risks, third-party assets are displayed in an iFrame, which effectively sandboxes any executable code running inside it. For even more security, the iFrame can be served from an alternate domain (that also points to your Drupal site), which you can configure on this page. This helps safeguard cookies and other sensitive information.') . '</p>';
$form['security'] = [
'#type' => 'details',
'#title' => $this
->t('Security'),
'#description' => $description,
'#open' => TRUE,
];
// @todo Figure out how and if we should validate that this domain actually
// points back to Drupal.
// See https://www.drupal.org/project/drupal/issues/2965979 for more info.
$form['security']['iframe_domain'] = [
'#type' => 'url',
'#title' => $this
->t('iFrame domain'),
'#size' => 40,
'#maxlength' => 255,
'#default_value' => $domain,
'#description' => $this
->t('Enter a different domain from which to serve oEmbed content, including the <em>http://</em> or <em>https://</em> prefix. This domain needs to point back to this site, or existing oEmbed content may not display correctly, or at all.'),
];
$form['security']['standalone_url'] = [
'#prefix' => '<hr>',
'#type' => 'checkbox',
'#title' => $this
->t('Standalone media URL'),
'#default_value' => $this
->config('media.settings')
->get('standalone_url'),
'#description' => $this
->t("Allow users to access @media-entities at /media/{id}.", [
'@media-entities' => $this->entityTypeManager
->getDefinition('media')
->getPluralLabel(),
]),
];
return parent::buildForm($form, $form_state);
}
/**
* {@inheritdoc}
*/
public function submitForm(array &$form, FormStateInterface $form_state) {
$this
->config('media.settings')
->set('iframe_domain', $form_state
->getValue('iframe_domain'))
->set('standalone_url', $form_state
->getValue('standalone_url'))
->save();
parent::submitForm($form, $form_state);
}
}
Members
Name | Modifiers | Type | Description | Overrides |
---|---|---|---|---|
ConfigFormBaseTrait:: |
protected | function | Retrieves a configuration object. | |
DependencySerializationTrait:: |
protected | property | ||
DependencySerializationTrait:: |
protected | property | ||
DependencySerializationTrait:: |
public | function | 2 | |
DependencySerializationTrait:: |
public | function | 2 | |
FormBase:: |
protected | property | The config factory. | 3 |
FormBase:: |
protected | property | The request stack. | 1 |
FormBase:: |
protected | property | The route match. | |
FormBase:: |
protected | function | Gets the config factory for this form. | 3 |
FormBase:: |
private | function | Returns the service container. | |
FormBase:: |
protected | function | Gets the current user. | |
FormBase:: |
protected | function | Gets the request object. | |
FormBase:: |
protected | function | Gets the route match. | |
FormBase:: |
protected | function | Gets the logger for a specific channel. | |
FormBase:: |
protected | function | Returns a redirect response object for the specified route. | |
FormBase:: |
public | function | Resets the configuration factory. | |
FormBase:: |
public | function | Sets the config factory for this form. | |
FormBase:: |
public | function | Sets the request stack object to use. | |
FormBase:: |
public | function |
Form validation handler. Overrides FormInterface:: |
72 |
LoggerChannelTrait:: |
protected | property | The logger channel factory service. | |
LoggerChannelTrait:: |
protected | function | Gets the logger for a specific channel. | |
LoggerChannelTrait:: |
public | function | Injects the logger channel factory. | |
MediaSettingsForm:: |
protected | property | The entity type manager. | |
MediaSettingsForm:: |
protected | property | The iFrame URL helper service. | |
MediaSettingsForm:: |
public | function |
Form constructor. Overrides ConfigFormBase:: |
|
MediaSettingsForm:: |
public static | function |
Instantiates a new instance of this class. Overrides ConfigFormBase:: |
|
MediaSettingsForm:: |
protected | function |
Gets the configuration names that will be editable. Overrides ConfigFormBaseTrait:: |
|
MediaSettingsForm:: |
public | function |
Returns a unique string identifying the form. Overrides FormInterface:: |
|
MediaSettingsForm:: |
public | function |
Form submission handler. Overrides ConfigFormBase:: |
|
MediaSettingsForm:: |
public | function |
MediaSettingsForm constructor. Overrides ConfigFormBase:: |
|
MessengerTrait:: |
protected | property | The messenger. | 27 |
MessengerTrait:: |
public | function | Gets the messenger. | 27 |
MessengerTrait:: |
public | function | Sets the messenger. | |
RedirectDestinationTrait:: |
protected | property | The redirect destination service. | 1 |
RedirectDestinationTrait:: |
protected | function | Prepares a 'destination' URL query parameter for use with \Drupal\Core\Url. | |
RedirectDestinationTrait:: |
protected | function | Returns the redirect destination service. | |
RedirectDestinationTrait:: |
public | function | Sets the redirect destination service. | |
StringTranslationTrait:: |
protected | property | The string translation service. | 4 |
StringTranslationTrait:: |
protected | function | Formats a string containing a count of items. | |
StringTranslationTrait:: |
protected | function | Returns the number of plurals supported by a given language. | |
StringTranslationTrait:: |
protected | function | Gets the string translation service. | |
StringTranslationTrait:: |
public | function | Sets the string translation service to use. | 2 |
StringTranslationTrait:: |
protected | function | Translates a string to the current language or to a given language. |