class MediaSettingsForm
Same name in other branches
- 9 core/modules/media/src/Form/MediaSettingsForm.php \Drupal\media\Form\MediaSettingsForm
- 8.9.x core/modules/media/src/Form/MediaSettingsForm.php \Drupal\media\Form\MediaSettingsForm
- 10 core/modules/media/src/Form/MediaSettingsForm.php \Drupal\media\Form\MediaSettingsForm
Provides a form to configure Media settings.
@internal
Hierarchy
- class \Drupal\Core\Form\FormBase implements \Drupal\Core\Form\FormInterface, \Drupal\Core\DependencyInjection\ContainerInjectionInterface uses \Drupal\Core\DependencyInjection\DependencySerializationTrait, \Drupal\Core\Logger\LoggerChannelTrait, \Drupal\Core\Messenger\MessengerTrait, \Drupal\Core\Routing\RedirectDestinationTrait, \Drupal\Core\StringTranslation\StringTranslationTrait
- class \Drupal\Core\Form\ConfigFormBase extends \Drupal\Core\Form\FormBase uses \Drupal\Core\Form\ConfigFormBaseTrait
- class \Drupal\media\Form\MediaSettingsForm extends \Drupal\Core\Form\ConfigFormBase
- class \Drupal\Core\Form\ConfigFormBase extends \Drupal\Core\Form\FormBase uses \Drupal\Core\Form\ConfigFormBaseTrait
Expanded class hierarchy of MediaSettingsForm
1 string reference to 'MediaSettingsForm'
- media.routing.yml in core/
modules/ media/ media.routing.yml - core/modules/media/media.routing.yml
File
-
core/
modules/ media/ src/ Form/ MediaSettingsForm.php, line 19
Namespace
Drupal\media\FormView source
class MediaSettingsForm extends ConfigFormBase {
/**
* The iFrame URL helper service.
*
* @var \Drupal\media\IFrameUrlHelper
*/
protected $iFrameUrlHelper;
/**
* The entity type manager.
*
* @var \Drupal\Core\Entity\EntityTypeManagerInterface
*/
protected $entityTypeManager;
/**
* MediaSettingsForm constructor.
*
* @param \Drupal\Core\Config\ConfigFactoryInterface $config_factory
* The config factory service.
* @param \Drupal\Core\Config\TypedConfigManagerInterface $typedConfigManager
* The typed config manager.
* @param \Drupal\media\IFrameUrlHelper $iframe_url_helper
* The iFrame URL helper service.
* @param \Drupal\Core\Entity\EntityTypeManagerInterface $entity_type_manager
* The entity type manager.
*/
public function __construct(ConfigFactoryInterface $config_factory, TypedConfigManagerInterface $typedConfigManager, IFrameUrlHelper $iframe_url_helper, EntityTypeManagerInterface $entity_type_manager) {
parent::__construct($config_factory, $typedConfigManager);
$this->iFrameUrlHelper = $iframe_url_helper;
$this->entityTypeManager = $entity_type_manager;
}
/**
* {@inheritdoc}
*/
public static function create(ContainerInterface $container) {
return new static($container->get('config.factory'), $container->get('config.typed'), $container->get('media.oembed.iframe_url_helper'), $container->get('entity_type.manager'));
}
/**
* {@inheritdoc}
*/
public function getFormId() {
return 'media_settings_form';
}
/**
* {@inheritdoc}
*/
protected function getEditableConfigNames() {
return [
'media.settings',
];
}
/**
* {@inheritdoc}
*/
public function buildForm(array $form, FormStateInterface $form_state) {
$domain = $this->config('media.settings')
->get('iframe_domain');
if (!$this->iFrameUrlHelper
->isSecure($domain)) {
$message = $this->t('It is potentially insecure to display oEmbed content in a frame that is served from the same domain as your main Drupal site, as this may allow execution of third-party code. Refer to <a href="https://oembed.com/#section3">oEmbed Security Considerations</a>.');
$this->messenger()
->addWarning($message);
}
$description = '<p>' . $this->t('Displaying media assets from third-party services, such as YouTube or Twitter, can be risky. This is because many of these services return arbitrary HTML to represent those assets, and that HTML may contain executable JavaScript code. If handled improperly, this can increase the risk of your site being compromised.') . '</p>';
$description .= '<p>' . $this->t('In order to mitigate the risks, third-party assets are displayed in an iFrame, which effectively sandboxes any executable code running inside it. For even more security, the iFrame can be served from an alternate domain (that also points to your Drupal site), which you can configure on this page. This helps safeguard cookies and other sensitive information.') . '</p>';
$form['security'] = [
'#type' => 'details',
'#title' => $this->t('Security'),
'#description' => $description,
'#open' => TRUE,
];
// @todo Figure out how and if we should validate that this domain actually
// points back to Drupal.
// See https://www.drupal.org/project/drupal/issues/2965979 for more info.
$form['security']['iframe_domain'] = [
'#type' => 'url',
'#title' => $this->t('iFrame domain'),
'#size' => 40,
'#maxlength' => 255,
'#config_target' => new ConfigTarget('media.settings', 'iframe_domain', toConfig: fn(?string $value) => $value ?: NULL),
'#description' => $this->t('Enter a different domain from which to serve oEmbed content, including the <em>http://</em> or <em>https://</em> prefix. This domain needs to point back to this site, or existing oEmbed content may not display correctly, or at all.'),
];
$form['security']['standalone_url'] = [
'#prefix' => '<hr>',
'#type' => 'checkbox',
'#title' => $this->t('Standalone media URL'),
'#config_target' => 'media.settings:standalone_url',
'#description' => $this->t("Allow users to access @media-entities at /media/{id}.", [
'@media-entities' => $this->entityTypeManager
->getDefinition('media')
->getPluralLabel(),
]),
];
return parent::buildForm($form, $form_state);
}
}
Members
Title Sort descending | Modifiers | Object type | Summary | Overriden Title | Overrides |
---|---|---|---|---|---|
ConfigFormBase::checkConfigOverrides | public | function | Form #after_build callback: Adds message if overrides exist. | ||
ConfigFormBase::CONFIG_KEY_TO_FORM_ELEMENT_MAP | protected | constant | The $form_state key which stores a map of config keys to form elements. | ||
ConfigFormBase::copyFormValuesToConfig | private static | function | Copies form values to Config keys. | ||
ConfigFormBase::doStoreConfigMap | protected | function | Helper method for #after_build callback ::storeConfigKeyToFormElementMap(). | ||
ConfigFormBase::formatMultipleViolationsMessage | protected | function | Formats multiple violation messages associated with a single form element. | 1 | |
ConfigFormBase::loadDefaultValuesFromConfig | public | function | Process callback to recursively load default values from #config_target. | ||
ConfigFormBase::storeConfigKeyToFormElementMap | public | function | #after_build callback which stores a map of element names to config keys. | ||
ConfigFormBase::submitForm | public | function | Overrides FormInterface::submitForm | 24 | |
ConfigFormBase::typedConfigManager | protected | function | Returns the typed config manager service. | ||
ConfigFormBase::validateForm | public | function | Overrides FormBase::validateForm | 13 | |
ConfigFormBaseTrait::config | protected | function | Retrieves a configuration object. | ||
DependencySerializationTrait::$_entityStorages | protected | property | |||
DependencySerializationTrait::$_serviceIds | protected | property | |||
DependencySerializationTrait::__sleep | public | function | 1 | ||
DependencySerializationTrait::__wakeup | public | function | 2 | ||
FormBase::$configFactory | protected | property | The config factory. | 2 | |
FormBase::$requestStack | protected | property | The request stack. | 1 | |
FormBase::$routeMatch | protected | property | The route match. | ||
FormBase::configFactory | protected | function | Gets the config factory for this form. | 2 | |
FormBase::container | private | function | Returns the service container. | ||
FormBase::currentUser | protected | function | Gets the current user. | 2 | |
FormBase::getRequest | protected | function | Gets the request object. | ||
FormBase::getRouteMatch | protected | function | Gets the route match. | ||
FormBase::logger | protected | function | Gets the logger for a specific channel. | ||
FormBase::redirect | protected | function | Returns a redirect response object for the specified route. | ||
FormBase::resetConfigFactory | public | function | Resets the configuration factory. | ||
FormBase::setConfigFactory | public | function | Sets the config factory for this form. | ||
FormBase::setRequestStack | public | function | Sets the request stack object to use. | ||
LoggerChannelTrait::$loggerFactory | protected | property | The logger channel factory service. | ||
LoggerChannelTrait::getLogger | protected | function | Gets the logger for a specific channel. | ||
LoggerChannelTrait::setLoggerFactory | public | function | Injects the logger channel factory. | ||
MediaSettingsForm::$entityTypeManager | protected | property | The entity type manager. | ||
MediaSettingsForm::$iFrameUrlHelper | protected | property | The iFrame URL helper service. | ||
MediaSettingsForm::buildForm | public | function | Overrides ConfigFormBase::buildForm | ||
MediaSettingsForm::create | public static | function | Overrides ConfigFormBase::create | ||
MediaSettingsForm::getEditableConfigNames | protected | function | Overrides ConfigFormBaseTrait::getEditableConfigNames | ||
MediaSettingsForm::getFormId | public | function | Overrides FormInterface::getFormId | ||
MediaSettingsForm::__construct | public | function | MediaSettingsForm constructor. | Overrides ConfigFormBase::__construct | |
MessengerTrait::$messenger | protected | property | The messenger. | 16 | |
MessengerTrait::messenger | public | function | Gets the messenger. | 16 | |
MessengerTrait::setMessenger | public | function | Sets the messenger. | ||
RedirectDestinationTrait::$redirectDestination | protected | property | The redirect destination service. | 2 | |
RedirectDestinationTrait::getDestinationArray | protected | function | Prepares a 'destination' URL query parameter for use with \Drupal\Core\Url. | ||
RedirectDestinationTrait::getRedirectDestination | protected | function | Returns the redirect destination service. | ||
RedirectDestinationTrait::setRedirectDestination | public | function | Sets the redirect destination service. | ||
StringTranslationTrait::$stringTranslation | protected | property | The string translation service. | 3 | |
StringTranslationTrait::formatPlural | protected | function | Formats a string containing a count of items. | ||
StringTranslationTrait::getNumberOfPlurals | protected | function | Returns the number of plurals supported by a given language. | ||
StringTranslationTrait::getStringTranslation | protected | function | Gets the string translation service. | ||
StringTranslationTrait::setStringTranslation | public | function | Sets the string translation service to use. | 2 | |
StringTranslationTrait::t | protected | function | Translates a string to the current language or to a given language. |
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.