diff --git a/config/site_settings.yml b/config/site_settings.yml
index 3f010aa72ce..faba7b8a3f5 100644
--- a/config/site_settings.yml
+++ b/config/site_settings.yml
@@ -1591,6 +1591,9 @@ security:
send_old_credential_reminder_days:
default: 0
hidden: true
+ disable_onebox_media_download_controls:
+ default: false
+ hidden: true
onebox:
enable_flash_video_onebox: false
diff --git a/lib/onebox/discourse_onebox_sanitize_config.rb b/lib/onebox/discourse_onebox_sanitize_config.rb
index 93902fa347b..b9ab7ae64cb 100644
--- a/lib/onebox/discourse_onebox_sanitize_config.rb
+++ b/lib/onebox/discourse_onebox_sanitize_config.rb
@@ -5,9 +5,14 @@ module Onebox
module Config
DISCOURSE_ONEBOX ||=
Sanitize::Config.freeze_config(
- Sanitize::Config.merge(Sanitize::Config::ONEBOX,
- attributes: Sanitize::Config.merge(Sanitize::Config::ONEBOX[:attributes],
- 'aside' => [:data])))
+ Sanitize::Config.merge(
+ Sanitize::Config::ONEBOX,
+ attributes: Sanitize::Config.merge(
+ Sanitize::Config::ONEBOX[:attributes],
+ 'aside' => [:data]
+ )
+ )
+ )
end
end
end
diff --git a/lib/oneboxer.rb b/lib/oneboxer.rb
index eecc2a38d0b..edb47930f4f 100644
--- a/lib/oneboxer.rb
+++ b/lib/oneboxer.rb
@@ -221,18 +221,25 @@ module Oneboxer
end
def self.local_upload_html(url)
+ additional_controls = \
+ if SiteSetting.disable_onebox_media_download_controls
+ "controlslist='nodownload'"
+ else
+ ""
+ end
+
case File.extname(URI(url).path || "")
when VIDEO_REGEX
<<~HTML
HTML
when AUDIO_REGEX
- ""
+ ""
end
end
@@ -385,6 +392,7 @@ module Oneboxer
allowed_iframe_origins: allowed_iframe_origins,
hostname: GlobalSetting.hostname,
facebook_app_access_token: SiteSetting.facebook_app_access_token,
+ disable_media_download_controls: SiteSetting.disable_onebox_media_download_controls
}
options[:cookie] = fd.cookie if fd.cookie