Hi there,

I'm trying to add help text to a field with a link in it. Path for the link needs to be created from tokens, but tokens get filtered out from href attribute by filter_xss_admin() before they have chance to be replaced.
So something like this in help text:
Click <a href="[site:og-context--node:url]/will-options/create" target="_blank">here</a>
Comes into token_field_widget_form_alter() in following state:
Click <a href="url]/will-options/create" target="_blank">here</a>

Patch with suggested fix is attached

CommentFileSizeAuthor
#5 token-1938672-5.patch567 bytesDane Powell
token_filtered_descriptions.patch770 bytestatyana
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

walidvb’s picture

walidvb CreditAttribution: walidvb commented

I have a similar problem:
Help text is
<a href="[site:url]admin/config/content/facebook_album_fetcher/album_list">here</a>
turns into
<a href="http://mysite.com<em>/node/addurl]admin/config/content/facebook_album_fetcher/album_list">here</a>

hoangdk80’s picture

hoangdk80 CreditAttribution: hoangdk80 commented

same here
have tried to use the token outside of the link href attribute but it's broken as well:

This is the homepage: [site:url]
turns into
This is the homepage: [site:url]

Token doesn't seem to be interpreted at all. Any ideas ?

Dave Reid’s picture

Dave Reid
he/him
Primary language English
Location Nebraska USA
CreditAttribution: Dave Reid commented
Title: Broken tokens inside links in field help » Field help token replacement should run on the original field description, not the already filtered string
Version: 7.x-1.5 » 7.x-1.x-dev
Issue summary: View changes
Status: Active » Needs review

Status: Needs review » Needs work

The last submitted patch, token_filtered_descriptions.patch, failed testing.

Dane Powell’s picture

Dane Powell CreditAttribution: Dane Powell commented
Status: Needs work » Needs review
FileSize
token-1938672-5.patch567 bytes

Same patch as in #1, just re-rolled. It works for me.

  • Commit f416785 on 7.x-1.x by Dave Reid: 
    Issue #1938672 by Dane Powell, tatyana: Fixed field help token...
Dave Reid’s picture

Dave Reid
he/him
Primary language English
Location Nebraska USA
CreditAttribution: Dave Reid commented
Status: Needs review » Fixed

Committed to 7.x-1.x. Sorry I forgot to assign Git attribution. :/

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.

cussack’s picture

cussack CreditAttribution: cussack commented
Status: Closed (fixed) » Needs work

The supplied patch does not fix the actual issue. It is an ugly workaround that basically disables all alterations coming before this one in the alteration chain, which causes more problems than it solves (see #2474403: Translation of field description overwritten for example, #1796024: Tokens in field help text do not work for files, images, text fields possibly as well).
I would love to see this patch reverted and the issue being fixed more cleanly in another place, most likely by sanitizing strings after alteration in the field module or by adding another alter function later in the chain. The bug is actually caused by premature string sanitizing.

Thoughts?