Quantcast
Channel: Issues for Drupal core
Viewing all 297515 articles
Browse latest View live

Simpletest does not reset the $theme* globals

April 20, 2017, 6:50 am
$
0
0

When testing, the $theme* globals are not reset. This causes test failures under the following circumstances:
- The site running tests has a different theme.
- Some test depends on specific theming output, which is altered by that theme.

Steps to reproduce:

- Install the corporateclean theme. Set a custom breadcrumb separator on the theme settings page
- If you are running tests through the GUI, make sure it is also the admin theme.
- Run the Blog, Forum or Theme tests.

Solution:

Reset the $theme* globals, so that the theme from the test environment is used.

Search

Impossible to make deprecated trait without fails

March 2, 2018, 4:31 am

Incorrect domain from url and session generator behind reverse proxy

January 23, 2014, 7:39 am
$
0
0

When placing a Drupal 8 site behind a reverse proxy then the URL and session generator ignore the X-Forwarded-Host request header.

Url generator
Absolute URLs are being generated based upon the Host header instead of the X-Forwarded-Host header even when the settings.php is configured to allow reverse proxies. Invoking Drupal::request()->getHost() results in the correct host. The problem is caused by the url generator service being initialized before the ReverseProxySubscriber has a chance to assign trusted reverse proxies.

Session generator
Retrieving session cookie parameters from session_get_cookie_params() results in the domain matching the Host header instead of X-Forwarded-Host.

Proposed fix
This solution moves the trusted proxy logic from ReverseProxySubscriber to drupal_handle_request()

// Create a request object from the HttpFoundation.
$request = Request::createFromGlobals();
// Get the current settings.
$settings = \Drupal\Component\Utility\Settings::getSingleton();
// Check whether the reverse proxy settings should be used.
if ($settings->get('reverse_proxy', 0)) {
  // Allow the request to use the reverse proxy headers.
  $reverse_proxy_header = $settings->get('reverse_proxy_header', 'HTTP_X_FORWARDED_FOR');
  $request::setTrustedHeaderName($request::HEADER_CLIENT_IP, $reverse_proxy_header);
  $reverse_proxy_addresses = $settings->get('reverse_proxy_addresses', array());
  $request::setTrustedProxies($reverse_proxy_addresses);
  // Set the session cookie domain to the correct host.
  ini_set('session.cookie_domain', ".{$request->getHost()}");
}
// Attach the request to the dependency container.
\Drupal::getContainer()->set('request', $request);

Update.php - Reverse proxy settings not used

November 18, 2015, 8:36 pm
$
0
0

Problem/Motivation

Running update.php under SSL behind a reverse proxy doesn't work. Reverse proxy settings from settings.php don't appear to be respected. I'm running a Drupal 8 site on Acquia, and the request header overrides aren't working on update.php. This appears to be happening because middleware (including ReverseProxyMiddleWare) isn't running on the request.

Proposed resolution

Not sure... Either pull the logic from ReverseProxyMiddleWare into update.php, or run selected middlewares on update.

Remaining tasks

Come up with an approach and implement it.

Support config entities in typed data EntityAdapter

October 20, 2012, 9:32 am
$
0
0

Problem/Motivation

Now as the new entity field API got committed, we need to convert existing entity types to make use of it. See #1346214: [meta] Unified Entity Field API and the "Entity Field API" tag.

Configuration entities need to be supported by the entity data type deriver (\Drupal\Core\Entity\Plugin\DataType\Deriver\EntityDeriver). Supporting configuration entities as typed data is a step to supporting config entity validation for the rest API.

Proposed resolution

Add a new \Drupal\Core\Entity\Plugin\DataType\ConfigEntityAdapter class to enhance the existing \Drupal\Core\Entity\Plugin\DataType\EntityAdapter so that configuration entities can be a supported data type.

Remaining tasks

User interface changes

None

API changes

Configuration entity data types supported by the typed data system. There are derived in a similar way to content entities - ie. "entity:$entity_type" and "entity:$entity_type:$bundle" data types.

Data model changes

None

Add README.txt to Bartik theme

June 16, 2016, 2:47 am
$
0
0

Problem/Motivation

The Bartik theme lacks of a README.txt file.

Proposed resolution

Add README.txt file to Bartik theme.
The goals are:

  • Report the info provided in the info.yml file.
  • Explain the origin of the theme's name.
  • Provide a link to the theme documentation page.
  • Provide a link to documentation about Drupal theming.

Remaining tasks

User interface changes

API changes

Update core modules to use the new batch builder

May 3, 2017, 5:59 am
$
0
0

Problem/Motivation

A batch builder object was added in #2401797: Introduce a batch builder class to make the batch API easier to use. The Drupal core should be updated to use the batch builder.

The code to update can most easily be found by looking for the uses of batch_set(). Example usage is in the class comment for \Drupal\Core\Batch\BatchBuilder.

Proposed resolution

Use BatchBuilder in the following core modules:

Remaining tasks

  • Fix remaining test failures/code review items in the following core modules:
    • simpletest
    • system
    • update
  • Review patch

List of contributors

overall: john@johncook.me.uk, mradcliffe
- config: rajeshwari10 at Valuebound, RajeevK at Sirius, Yogesh Pawar at QED42, James.Shee
- locale: lcngeo
- migrate_drupal_ui: rajeshwari10 at Valuebound, RajeevK at Sirius, Yogesh Pawar at QED42
- node: rajeshwari10 at Valuebound, RajeevK at Sirius, borisson_
- simpletest: time2buzzthetower, RajeevK at Sirius
- system: ccasals at Portland Webworks
- update: kavo
- user: ccasals at Portland Webworks

Use modals for creating, updating, and deleting workflows, with a new DialogFormTrait

November 25, 2016, 11:10 am
$
0
0

Problem/Motivation

The current workflow UI is very disjointed. Each link to Create, Update, or Delete a workflow state or transition takes the user off to a new page, which can result them getting lost, or at best a few clicks away from where they started.

Proposed resolution

As proposed in https://marvelapp.com/1124911 the new workflows UI is a unified single area for Creating, Updating, and Deleing workflow states and transitions.

Remaining tasks

User interface changes

Here's some screenshots of the state, transition, and delete modals based on #166:

API changes

Data model changes

Search

Add README.txt to Umami theme

May 12, 2018, 2:15 am
$
0
0

Problem/Motivation
The Umami theme lacks of a README.txt file.

Proposed resolution
Add README.txt file to Umami theme.
The goals are:

  • Report the info provided in the info.yml file.
  • Explain the origin of the theme's name.
  • Provide a link to the theme documentation page.
  • Provide a link to documentation about Drupal theming.

Remaining tasks
User interface changes
API changes

Batch is dependent on the order of query string parameters

May 17, 2017, 12:56 am
$
0
0

We are going through CloudFlare and we enabled their feature "Query String Sort". It's very useful, mostly for the search, because the query string parameters are always sorted alphabetically and you keep the number of combinations of the query string parameters to minimum. So for example the following requests:

?a=value&c=value&d=value&b=value
?b=value&d=value&c=value&a=value
?d=value&c=value&b=value&a=value
...

Will become one particular request

?a=value&b=value&c=value&d=value

So what happens with batch processing, if the query string sorting is enabled? Let's use real batch request:

/batch?id=18&op=do_nojs&op=do&_format=json

When sorting query string parameters, the request is turned to:

/batch?_format=json&id=18&op=do&op=do_nojs

And this results in error:

{"message":"Not acceptable format: json"}

Your larger batches are not fully processed. Why is this caused? The problem is that by reordering query string parameters Drupal thinks that operation is suddenly "do_nojs" and not "do", since it is now last one in the query string. So in the _batch_page() function in the switch it goes to "do_nojs" case and thus it ends up throwing exception in:

web/core/lib/Drupal/Core/EventSubscriber/AcceptNegotiation406.php:32

Full error message:

Symfony\Component\HttpKernel\Exception\NotAcceptableHttpException: Not acceptable format: json in Drupal\Core\EventSubscriber\AcceptNegotiation406->onViewDetect406() (Line 32 in /web/core/lib/Drupal/Core/EventSubscriber/AcceptNegotiation406.php).

Sooooo, that's it. It would be really really amazing to making Batch to be not dependent on the order of query string parameters. Because currently with specific server configuration (or by using some external services), which reorders query string parameters, your batch processing won't work anymore.

Dockblock for dropbutton theme function is incorrect.

May 12, 2018, 2:42 am
$
0
0

Problem/Motivation

The documentation for the Drupal.theme.dropbuttonToggle function doesn't make sense. It says:

     * @param {string} [options.title]
     *   The HTML anchor title attribute and text for the inner span element.

But this theme function doesn't output a HTML anchor - it outputs a HTML button. And there isn't a title attribute in the output either.

Proposed resolution

Update the docblock, so it matches the actual output:

  • options.title is the label for a HTML button (not for a HTML anchor).
  • and remove the part about the title attribute, because there isn't a title attribute in the output.

Remaining tasks

User interface changes

None.

API changes

None.

Data model changes

None.

Add chili sauce to Umami

February 8, 2018, 8:14 am

Evaluate performance impact of limiting test discovery to *Test.php filename suffix

July 2, 2014, 9:25 am
$
0
0

Follow-up to #697760: Replace getInfo() in tests with native phpDoc + annotations (following PHPUnit) + #2293825: Various test classes do not have a "Test" suffix

Objective

  1. ~10% of all class files that are evaluated by the test discovery are not tests (with just core).
  2. Every class is introspected + loaded persistently into memory, which increases memory/resource consumption.
  3. Limiting test discovery to *Test.php filenames would avoid needless introspection/reflection of ~130+ classes.

Tasks

  1. Change the file filter in TestDiscovery.
  2. Profile/benchmark the performance difference.
  3. Discuss, based on hard numbers.

Notes

  1. PHPUnit only discovers *Test.php files by default, so as to ignore test base classes + any other possibly existing fixtures.
  2. Following PHPUnit's (industry standard) lead would definitely improve consistency across testing frameworks. → Learn once, stay familiar.
  3. Drupal implements test suites which can load different test types under the phpunit tool. These suites inherit their file scanning abilities from TestDiscovery::scanDirectory(). So any improvement to scanDirectory() will be an improvement for our implementation of PHPUnit as well.

Counter-Arguments / Concerns

  1. The filter is applied during discovery already. A wrongly named test file is not executed and does not throw an error, because it is not found in the first place.

    This could result in "false-positive" test results, because a newly added test was not actually executed.

    Counter-Counter-Arguments:

    1. *Test.php filename suffixes are industry standard. The class is a test, so you call it a *Test. PHP developers are used to this notion already. Even Drupal core follows suit since D8 (and similarly in D7 already, just with a *TestCase suffix).
    2. Tests are exclusively authored by PHP developers. Catching mistakes like a malformed test class file/name is the job of peer-reviews.
    3. A git repository pre-commit or push hook would be able to catch such mistakes and prevent them from entering the mainline. That is a much more appropriate location and point in time for performing sanity checks.

hook_user_login/logout $account parameter should be of type AccountInterface

March 21, 2018, 1:59 am

will D8 include the feature to update without the composer ?

May 12, 2018, 3:36 am
$
0
0

Hi

I have been using drupal for few years that I found its easy to use for everything. but for the D8 composer, its a difficult part, every time I try to update the core and other things, it can takes many hours and even more some times. it just too many problem.
By runing a business, we can't afford to have a site in this situation. I am just wondering whether drupal will include the feature in the future to update the core and eveything in the auto update part, or like in D7, we can just ftp upload everything. the reason I am asking this question is we want to stay with D8, but just the composer is too much hassle and waste too much time. we have to make a decision for this. thank you

Search

Replace "Lorem Ipsum" Color preview HTML templates with example text in Twig templates

May 24, 2011, 8:54 am
$
0
0

Currently in the Appearance section of Bartik, a live preview of a chosen color scheme is displayed as an image. This section uses Latin placeholder text, "Lorem ipsum . . . ." The problem is getting users to understand the Latin is JUST A PLACEHOLDER. Participants in a Drupal usability study at the University of Minnesota in 2011 expected it to be the live preview of the site with THEIR content. Looking at the Latin text, one participant in the study said, "What's this? French?"

In this thread from May 2011 to December 2014, contributors have narrowed in on recommending a patch to change the Latin text to repetitions of the English words "Sample text." Other suggestions have been to make the text translatable or to embed the content of the actual site as an iFrame. Placing "sample text" is the most simple of the solutions and would look like this:

Sample text

Block of text (re-arrange sentences so line lengths don't repeat)
This is a block of example content. This content is here to demonstrate what actual content would look like in the color scheme you configure. This is an example link, is is here to demonstrate how background colors you configure may affect the readability of links. This content is here to demonstrate what actual content would look like in the color scheme you configure. This is an example link, is is here to demonstrate how background colors you configure may affect the readability of links. This is a block of example content.

Seven's focused/hovered tabs do not meet WCAG AA 1.4.3 for contrast

May 12, 2018, 4:18 am
$
0
0

Seven's tabs styling uses a brighter colour foreground text colour for a tab with a :hover or :focus state:

.tabs__tab:hover,
.tabs__tab:focus {
  color: #008ee6;
  background-color: #fafaf7;
}

This brighter blue (#008ee6) means that the foreground text and the background colour do not have sufficient contrast to meet WCAG AA. The ratio is 3.34:1 when it should be at least 4.5:1.

To reproduce,
1. Login to Drupal 8
2. Navigate to /admin/content
3. Use developer tools to simulate a hover/focus state on an inactive tab and check the foreground text to background colour contrast ratio

Chrome dev tools showing a failing contrast ratio of 3.34 for a Seven's tab in the hover state

Log message if static_map plugin skips the row

March 9, 2018, 3:12 pm
$
0
0

https://www.drupal.org/project/drupal/issues/2959125

Problem/Motivation

It is hard to notice that static_map was the reason a migration row was skipped.

Proposed resolution

Log a message to MigrateSkipRowException to clearly explain why the row is skipped.

Remaining tasks

Patch

User interface changes

N.A.

API changes

N.A.

Data model changes

N.A.

Migrate D6 i18n blocks translated strings

March 25, 2014, 9:41 am
$
0
0

Postponed on #2225587: Migrate D6 i18n menu links

Problem/Motivation

A migration for block translated strings is needed. The block translated strings are in the block table and the language code in the i18n_blocks table.

Proposed resolution

Write a custom source plugin, refer to the existing block source plugin.
Write block translation migrations based on the existing block migrations.
And, of course, tests.

Attack to site

May 3, 2018, 5:52 am
$
0
0

Dear Mr/Mrs

I have a web site created with Drupal 7.

I beleive that it is infected. When I try to connect using Chrome I get a message indicating that Google secure navegation has detected phising. The web site is trying to access the following URL js.localstorage.tk. With Explorer and Firefox I do not get any messages (goes to the page).

I have search looking for a way to fix it but I have only found other users with similar problems.

I wonder if you know of other cases and could indicate me the best way to fix it.

Thanks in advance for your help

Regards

Viewing all 297515 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>