Clik here to view.
A valid one-time login link may be leaked by the referer header to 3rd parties
Problem/MotivationWhen accessing a one-time login link the referrer header for any third party assets will leak the link and if the user does not click the log in link it will be valid for the next 24...
View ArticleAdd batch support for bulk operations
Problem/MotivationSome operations could take a lot of time (publishing 100 nodes) so users end up with timeout on admin pagesProposed resolutionVBO in D7 has option to run operations via batchRemaining...
View ArticleGet rid of '#theme' => '' in...
Problem/MotivationD8 codebase inherits hack that makes no sense public function buildForm(array $form, FormStateInterface $form_state) { // Don't show the form when batch operations are in progress. if...
View ArticleMismatched entity and/or field definitions after upgrade from RC1 to RC2
I have Drupal 8 installed beginning of RC1 and afterward upgraded successfully up to 8.0. The status report page from the very first version is displaying: Entity/field definitions Mismatch detected...
View ArticleSeparate MIME type mapping from ExtensionMimeTypeGuesser
Problem/MotivationWith #1921558: Convert file_get_mimetype() to use Symfony MimeTypeGuessers, the function file_mimetype_mapping() was removed. The mapping was placed as a protected property of the...
View ArticleDecouple Comment module from Tracker
Decouple Comment module from TrackerTracker requires an additional comment. By default two comments are added for every entry. Would like to remove the second comment entry. Original trouble was for D7...
View Articlestreamline responsive_image_build_source_attributes()
Follow-up to #2260061: Responsive image module does not support sizes/picture polyfill 2.2- Adjusts theme('responsive_image') to require the caller to provide a 'width' and 'height', like...
View ArticleClik here to view.
Bartik: fix button layout appearance on node add/edit form (small devices)
Left space is different and "Preview" button can take full width.
View ArticleCSRF in update module manual check links
Problem/MotivationThis has been publicly disclosed, hence we are fixing in public instead of in the private security team tracker.reported by Fernando_ArnaboldiAn attacker may force an admin to check...
View ArticleShow helpful message or be silent (but do not fatal!) when configuration...
Problem/MotivationFollow-up to #2584603-48: PHP exception on manage fields after enabling Configuration Translationwe cannot actually prevent having config files associated to the same mapper in...
View ArticleStep 2: Create a JavaScriptTestBase using PhantomJs Driver/Binary
Problem/MotivationOver in #2232861: Create BrowserTestBase for web-testing on top of Mink we got step one in, BrowserTestBase. Now on with step 2 - adding a JavaScript driver.Proposed resolution* Use a...
View ArticleSome fixes of the views config
Follow-up to #2380457: Some fixes of the views config schemaProblem/MotivationWhile fixing the config schema found that some of the old config elements need to be...
View ArticleMissing test coverage for \Drupal\rest\Plugin\ResourceInterface plugins
I noticed that Drupal\rest\Plugin\Type\ResourcePluginManager has no mechanism for dealing with #1780396: Namespaces of disabled modules are registered during test runs, which indicated that it didn't...
View ArticleCreate a User session cookie login resource
Problem/MotivationActually if we use the user login form we always receive a 200. We need to receive a 400 for a failed attempt. We want to also verify the logout and the current logged in user...
View ArticleEnsure core compliance to...
FILE: /home/anoopjohn/projects/drupal/drupal-8/core/authorize.php ---------------------------------------------------------------------- FOUND 1 ERROR AFFECTING 1 LINE...
View Articlehook_toolbar: node specific items (like edit links) are stuck in cache
How can I keep items like a node edit link outside the toolbar cache? Can I overrule the toolbar cache by using the #cache array in my custom toolbar items? Which tags/context should I use? Only works...
View ArticlePermission problem for menuitem "Run database updates"
Use case: Install and enable Admin Toolbar and Admin Toolbar Extra Tools modules. Create editor role, assign 'Use the administration toolbar' permission to editor. Create user with editor role. Login...
View ArticleClik here to view.
Label for Content and User bulk operations does not fit the action
Problem/MotivationThe bulk operation drop-down menu on the Content page /admin/content and the User Pages /admin/peopleis labelled "With selection". This doesn't fit the function of this field, because...
View ArticleMove views/includes/ajax.inc to a class in views_ui module
the only function in this file is used by views_ui module only
View ArticleContent language detection must be set explicitly to work correctly
ProblemWhen setting language detection method, the checkbox Customize Content language detection to differ from User interface text language detection settings is ignored. This causes the detection...
View Article