Entity operations for menu links are hardcoded in edit menu form
Problem/MotivationEntity operations for menu items are hard coded in the edit menu form; add or alter operations are impossible.Proposed resolutionIntroduce a menu link list builder that provides the...
View ArticleCSRF check always fails for users without a session
Problem/MotivationAny route using the _csrf_token requirement doesn't work for users without session because the CSRF checker fails as the CSRF seed is not stored anywhere. Proposed resolutionOnly add...
View ArticleAdd user access checks to 'more' link
when a custom URL under "Link display" is used for a given display, there is not anything in views to check user access to these links. @dawehner suggested using the access system provided by the...
View ArticleAllow decorating route controllers
Problem/MotivationSteps to reproduceProposed resolutionRemaining tasksUser interface changesAPI changesData model changesRelease notes snippetProblem/MotivationThere are a number of issues where we...
View ArticleMenuLinkContentAccessControlHandler does not allow "view" access...
Menu link 'view' permission is set to 'Administer Menu' which does not allow for exposing menu links via the jsonapi module (e.g. /jsonapi/menu_link_content/menu_link_content). Should permission...
View Article[policy, no patch] All new Drupal 10 code should use appropriate type hints...
Problem/MotivationAs per #1158720-69: [policy, no patch] Add parameter type hinting to function declaration coding standards this issue proposes that all new Drupal 9 code should use scalar typehints...
View ArticleAdd comparison operator to string translation filter
At /admin/config/regional/translate, there is a string filter for finding translations. It defaults to a "contains" comparison operator, which is right for most situations, admittedly. But we recently...
View ArticleUri should be required base field for file entities
Problem/MotivationThe file entity does not declare the uri base field to be required, but saving a file entity without a uri will get an integrity constraint violation (Column uri cannot be NULL)...
View ArticleNotification email address does not override the default system email address...
Adding Notification email address does not overwrite the system admin email from addressWhen I enter a Notification email address on the account settings page (/admin/config/people/accounts) the from...
View ArticleExplicitly test for pg_trgm extention in installer
Problem/Motivation#2846994: Increase minimum version requirement for Postgres to 10 and require the pg_trgm extension adds a hard installer requirement for postgres 10.We should also inform/fail for...
View ArticleMove Custom block library to Content
Problem/MotivationUnder Block Layout there are three pages. Two of these (Block layout and Block types) are structure and site-building tasks. Any configuration or new block types are exported in the...
View ArticleTestRequirementsTrait::checkRequirements() does not work as expected
Problem/MotivationTestCase::checkRequirements used to be protect, but was made private in PHPUnit 7.0https://github.com/sebastianbergmann/phpunit/commit/932238a6a3018cdfac6c...How is this still...
View ArticleContact form opt-out line should be excluded from admin-sent and sender-copy...
I just noticed that when an admin sends an email to a user, it has this message:Brad Landis (site/user/1) has sent you a message via your contact form (site/user/12/contact) at siteName.If you don't...
View Articlepreg_split in _filter_url breaks for long html tags
Problem/MotivationHaving a really long HTML tag (e.g. < img > with src:data/image...) makes preg_split fail and return false. On PHP 7.4 this throws a warning ("Warning: count(): Parameter must...
View ArticleRight click should not work on submit buttons with Ajax behaviors
I have noticed that when #ajax is attached to a submit button the right click(and all other buttons of mouse, like middle) is working as well and i dont think it should. It is because the ajax.js uses...
View ArticleAddress "postcss.plugin was deprecated" warning
Postponed as this warning doesn't exist until #3261163: Update to PostCSS 8Problem/MotivationAs of #3261163: Update to PostCSS 8 there's a deprecation warning during yarn...
View ArticleReplace func_get_args with variable-length argument in FormBuilder
Problem/MotivationTo make the FormBuilder code more consistent and clean I suggest to replace the calls to func_get_args with the proper use of the variable-length argument.Steps to reproduceThis is...
View Article[meta] Deprecate tarballs, because they are incompatible with...
Problem/MotivationDrupal.org still provides tarball and zip archives of every core and contributed project release as part of the packaging process. There are numerous issues with this:Tarball...
View ArticleTypeError: Cannot access offset of type string on string in...
Problem/MotivationTypeError: Cannot access offset of type string on string in Drupal\views\Plugin\views\filter\NumericFilter->valueForm() (line 239 of...
View ArticleAfter the latest mod_lsapi upgrade by CloudLinux, admin login is not function...
The answer we’ve got from CloudLinux is: Later, up to 1.1-61 version, mod_lsapi ignores any error returned by Apache output filters. This was wrong behavior, particularly, it could lead to XSS...
View Article