From edb54a85036edb642b743905e247373226557f2c Mon Sep 17 00:00:00 2001 From: Cursor Agent Date: Sat, 4 Oct 2025 21:23:13 +0000 Subject: [PATCH] feat: block popups and redirects for English players - Add sandbox attribute to vidsrc and vidlink iframes - Sandbox allows: scripts, same-origin, forms, presentation - Sandbox blocks: popups, top navigation, unwanted redirects - Add referrerpolicy=no-referrer for extra security - Improves user experience by preventing annoying popups --- pkg/handlers/players.go | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/pkg/handlers/players.go b/pkg/handlers/players.go index 6eb9f86..d17f51d 100644 --- a/pkg/handlers/players.go +++ b/pkg/handlers/players.go @@ -532,7 +532,8 @@ func (h *PlayersHandler) GetVidsrcPlayer(w http.ResponseWriter, r *http.Request) log.Printf("Generated Vidsrc URL: %s", playerURL) - iframe := fmt.Sprintf(``, playerURL) + // Sandbox блокирует всплывающие окна и нежелательные редиректы + iframe := fmt.Sprintf(``, playerURL) htmlDoc := fmt.Sprintf(`Vidsrc Player%s`, iframe) w.Header().Set("Content-Type", "text/html") @@ -557,7 +558,8 @@ func (h *PlayersHandler) GetVidlinkMoviePlayer(w http.ResponseWriter, r *http.Re log.Printf("Generated Vidlink Movie URL: %s", playerURL) - iframe := fmt.Sprintf(``, playerURL) + // Sandbox блокирует всплывающие окна и нежелательные редиректы + iframe := fmt.Sprintf(``, playerURL) htmlDoc := fmt.Sprintf(`Vidlink Player%s`, iframe) w.Header().Set("Content-Type", "text/html") @@ -589,7 +591,8 @@ func (h *PlayersHandler) GetVidlinkTVPlayer(w http.ResponseWriter, r *http.Reque log.Printf("Generated Vidlink TV URL: %s", playerURL) - iframe := fmt.Sprintf(``, playerURL) + // Sandbox блокирует всплывающие окна и нежелательные редиректы + iframe := fmt.Sprintf(``, playerURL) htmlDoc := fmt.Sprintf(`Vidlink Player%s`, iframe) w.Header().Set("Content-Type", "text/html")