diff --git a/lib/gollum-lib/macro/video.rb b/lib/gollum-lib/macro/video.rb
index e2f05ebf..6a7d17de 100644
--- a/lib/gollum-lib/macro/video.rb
+++ b/lib/gollum-lib/macro/video.rb
@@ -1,8 +1,10 @@
 module Gollum
 class Macro
 class Video < Gollum::Macro
- def render (fname)
- ""
+ def render(fname, auto=false)
+ escaped_fname = CGI.escapeHTML(fname)
+ properties = auto ? "autoplay='true' playsinline='true' muted='true' loop='true'" : "controls='true'"
+ ""
 end
 end
 end
diff --git a/lib/gollum-lib/sanitization.rb b/lib/gollum-lib/sanitization.rb
index 0f6ddf9f..8d6ba418 100644
--- a/lib/gollum-lib/sanitization.rb
+++ b/lib/gollum-lib/sanitization.rb
@@ -1,5 +1,5 @@
 ::Loofah::HTML5::SafeList::ACCEPTABLE_PROTOCOLS.add('apt')
-::Loofah::HTML5::SafeList::ALLOWED_ATTRIBUTES.add('controls')
+::Loofah::HTML5::SafeList::ALLOWED_ATTRIBUTES.merge(%w[controls loop muted playsinline autoplay])
 module Gollum
 class Sanitization
diff --git a/test/test_macros.rb b/test/test_macros.rb
index 0f4783ba..c1375424 100644
--- a/test/test_macros.rb
+++ b/test/test_macros.rb
@@ -150,12 +150,28 @@ def render(opts)
 assert_match(/@xyzzy = Foo@/, @wiki.pages[0].formatted_data)
 end
- test "Video macro given a name of a file displays an html5 video tag" do
+ test "Video macro given a name of a file renders an html5 video tag" do
 file = "/Uploads/foo.mp4"
 @wiki.write_page("VideoTagTest", :markdown, "<>", commit_details)
- assert_match /
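Review bot: In lib/gollum-lib/macro/video.rb, `auto ? … : "controls='true'"` tests plain Ruby truthiness, so any non-nil second argument selects the autoplay branch. If macro arguments reach `render` as strings parsed from page markup (the parser is not part of this diff), a page that passes `false` as the second argument would still autoplay, because the string "false" is truthy. Normalising the flag first, e.g. `auto = auto.to_s.strip.casecmp?('true')`, would make the two branches match what an author writes. The whole class is inside the hunk, but the returned string literal appears empty in this rendering, so the markup that interpolates `escaped_fname` and `properties` could not be reviewed.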
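Review bot: In lib/gollum-lib/sanitization.rb, the `merge` call widens Loofah's process-wide `ALLOWED_ATTRIBUTES` set, so `autoplay`, `loop`, `muted` and `playsinline` become acceptable in any user-authored HTML that passes through the sanitizer, not only in Video macro output. The same set is seen by every other Loofah caller loaded in the same process, which an embedding application may not expect. A comment above the line would record the intent, for example `# Needed by Gollum::Macro::Video; this extends Loofah's global safelist for all sanitized HTML.` If the wider reach is not wanted, the attributes could presumably be allowed only in Gollum's own sanitizer configuration, which lies outside this hunk.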