(2016-01-23, 11:31 AM)Blackbeard Wrote: [ -> ]can someone post a preview please? main post image doesn't work.
If you want to see in use pm me. You can also resize the frame.
no need, thanks. Looks very nice!
A small update
Title
spotify
Regular expression
\[spotify=(album|track|playlist)\](.*?)\[/spotify\]
Replacement
<iframe src="https://open.spotify.com/embed/$1/$2" width="300" height="80" frameborder="0" allowtransparency="true" allow="encrypted-media"></iframe>
Examples
[spotify=track]3A9CyZ67l8GR6MRqNThS3s[/spotify]
[spotify=playlist]3cqyIkP2DDmWc5iExmbTld[/spotify]
[spotify=album]4Yv09HhX5L4fvlHHpTZ9UW[/spotify]
Result
![[Image: image.png]](https://camo.mybb.com/db02afeb9ba6b46e833e401b9c05652fb9accbcd/68747470733a2f2f692e6962622e636f2f644439634270682f696d6167652e706e67)
interesting tutorial. However, isn't spotify if not logged in, it only shows a preview of the song?
It's only shows 30 seconds even if I logged on Spotify. Is there any update for this?
(2020-04-29, 07:03 PM)Mixy Wrote: [ -> ]A small update
Title
spotify
Regular expression
\[spotify=(album|track|playlist)\](.*?)\[/spotify\]
Replacement
<iframe src="https://open.spotify.com/embed/$1/$2" width="300" height="80" frameborder="0" allowtransparency="true" allow="encrypted-media"></iframe>
Examples
[spotify=track]3A9CyZ67l8GR6MRqNThS3s[/spotify]
[spotify=playlist]3cqyIkP2DDmWc5iExmbTld[/spotify]
[spotify=album]4Yv09HhX5L4fvlHHpTZ9UW[/spotify]
Result
![[Image: image.png]](https://camo.mybb.com/db02afeb9ba6b46e833e401b9c05652fb9accbcd/68747470733a2f2f692e6962622e636f2f644439634270682f696d6167652e706e67)
XSS vulnerable. Do not use.
Is there a way to make Mixy's MyCode not be XSS vulnerable?
Would modifying the regex to be:
\[spotify=(album|track|playlist)\]([a-zA-Z0-9-_]+)\[/spotify\]
(restricts the second capturing group to only alphanumeric characters, hyphens, and underscores)
be enough to prevent XSS vulnerabilities?