Information disclosure access bypass for revision log fields when the...
Problem/MotivationThis was originally logged as a private issue to the security team, but was cleared to be moved to the public queueCore's node module has an access bypass/information disclosure...
View ArticleFix strict type errors in functional javascript tests
Problem/MotivationThis is a child issue of #3376057: [META] Add declare(strict_types=1) to all tests. After adding enabling strict types to all tests there were around 3000 errors. Fixing them all in...
View ArticleAllow plugin derivers to specify cacheability (tags, contexts, max-age) for...
Problem/MotivationPlugin derivers are essentially a foreach loop for providing plugin definitions. Typically they iterate over the result of some other service, creating a definition for each item. If...
View ArticleUse Full Page on Files View Page
Problem/MotivationOn the view /admin/content/files a mini pager is used but the view for content on /admin/content/ uses a full pager. For sites with many files, a full pager is preferable to be able...
View ArticleCannot save translated nodes after upgrading to 8.8 due to invalid path
Problem/MotivationHm. Perhaps I'm doing sth. wrong, but after upgrading a few sites to Drupal 8.8 I found that I cannot save newly translated nodes anymore. The error message is "Either the path...
View ArticleClik here to view.
Add cancel button to media library widget popup
Problem/MotivationA cancel button is standard on most modals. But it's missing on the media library widget popup.Steps to reproduceEnable media and media library modulesAdd a media field to a taxonomy...
View Articlepath.alias_repository service does not use a proper language fallback mechanism
Problem/MotivationFollowing is the current language fallback logic used in the path.alias_repository service: // Always get the language-specific alias before the language-neutral one. // For example...
View ArticleOn views with AJAX enabled, exposed filter "reset" causes page load
Problem/MotivationOn a view with exposed filters, reset button, and AJAX enabled, the exposed filters work properly with AJAX (as do exposed sorts, including table heading click-sorting), but when you...
View ArticleOne-time login links broken in Gmail
Problem/MotivationWhen using Gmail's web interface it is not possible to click on one-time login links.This is a recent change, and it's not clear if it is related to updating to Drupal 10.1.6 or...
View ArticleAggregated CSS/JS not found with some file-path configurations
Problem/MotivationUploaded and generated files can be stored outside the Drupal docroot. This can provide performance benefits and security benefits (for example, having the executable code stored on a...
View ArticleTest for words in 'cspell:ignore' that can be removed
Problem/MotivationCurrently, there is no tool that will check the various cspell lines in core to see if they are still needed. No does cspell offer such a thing. Although there is an issue,...
View ArticleClik here to view.
Date range should be in the date_time category
Problem/MotivationThe daterange field should be placed into the "date_time" category. Steps to reproduceInstall datetime_range module and you will see it creates its own category which leads to...
View ArticleUse default section to simplify GitLab pipelines
Problem/MotivationCurrently we define default job settings and variables with YAML aliases. GitLab supports a default top level section where we can move some settings common to all jobs:...
View ArticleDisplay backtrace for logged throwables on log message details page
Problem/MotivationWhen an exception is logged to the dblog by \Drupal\Core\EventSubscriber\ExceptionLoggingSubscriber::onError() or \Drupal\Core\Utility\Error::logException(), there is no backtrace on...
View ArticleAjax replace does not refocus element if inside a dialog
Problem/MotivationDrupal.Ajax.success attempts to set focus to the element that triggered the ajax request. You can stop by adding the attribute data-disable-refocus to the element if another...
View ArticleMove ExecutionContext, ExecutionContextFactory and ConstraintViolationBuilder...
Problem/MotivationFollow-up to #3375447: Create an UploadedFile validator and deprecate error checking methods on UploadedFileInterface the \Drupal\Core\TypedData\Validation\ExecutionContextFactory and...
View ArticleFix strict type errors in test traits
Problem/MotivationThis is a child issue of #3376057: [META] Add declare(strict_types=1) to all tests. After adding enabling strict types to all tests there were around 3000 errors. Fixing them all in...
View ArticleRevision user incorrectly appears as anonymous user when node author is canceled
Problem/MotivationThe revision user is not appearing correctly on the /revisions tab when a node author is canceled and their content assigned to anonymous user.Steps to reproduce:User A creates a...
View ArticleImage derivative generation does not work if effect "Convert" in...
Problem/MotivationIf file is converted to another format, i.e. from jpg to gif, filepath does not match anymore. We already have a piece of code to match converted image uri but it works only for...
View Article