Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Problem/Motivation
core/modules/field_ui/src/FieldStorageConfigListBuilder calls SafeMarkup::set() which is meant to be for internal use only.
Proposed resolution
- Remove the call by refactoring the code.
Remaining tasks
Evaluate whether the string can be refactored to one of the formats outlined in this change record: https://www.drupal.org/node/2311123Approach should be the same as #2505931: Remove SafeMarkup::set in ViewListBuilder (currently adding'#theme' => 'inline_list'
Identify whether there is existing automated test coverage for the sanitization of the string. If there is, list the test in the issue summary. If there isn't, add an automated test for it.The function concatenates known-safe strings and does not need to be individually sanitized.
Manual testing steps
- Install Drupal 8 using the Standard profile.
- Log in as the admin user
- Visit admin/reports/fields
- Compare the "Used In" column of the Field List report, specifically for the
body
field which should be a comma-separated list
User interface changes
N/A
API changes
N/A
Comment | File | Size | Author |
---|---|---|---|
#18 | 2501971.18.patch | 1.11 KB | alexpott |
#18 | 13-18-interdiff.txt | 645 bytes | alexpott |
#15 | 2501971-13.png | 220.63 KB | Anonymous (not verified) |
#15 | 2501971-head.png | 238.51 KB | Anonymous (not verified) |
#13 | 2501971-9.patch | 1.1 KB | stefan.r |
Comments
Comment #1
tetranz CreditAttribution: tetranz as a volunteer commentedComment #2
tetranz CreditAttribution: tetranz as a volunteer commentedComment #3
joelpittetPostponing on the decision from #2501975: Determine how to update code that currently joins strings in SafeMarkup::set()
Comment #4
tetranz CreditAttribution: tetranz as a volunteer commentedUnassigning myself for now until there is a clear direction for 2501975 and I have more time.
Comment #5
akalata CreditAttribution: akalata commentedNo longer blocked, though the discussion in #2501975: Determine how to update code that currently joins strings in SafeMarkup::set() might be valuable to identify the best solution in this case.
Comment #6
akalata CreditAttribution: akalata commentedPostponed for real on #2505931: Remove SafeMarkup::set in ViewListBuilder. Whatever pattern we find works there can most likely be used here as well.
Comment #7
akalata CreditAttribution: akalata commentedComment #8
stefan.r CreditAttribution: stefan.r commentedThis may work once #2505931-170: Remove SafeMarkup::set in ViewListBuilder is in.
Comment #9
Wim Leers#2505931: Remove SafeMarkup::set in ViewListBuilder just landed :)
Comment #10
dawehnerThis is also not performance critical ... so having a render array is perfect here.
Comment #12
stefan.r CreditAttribution: stefan.r commentedThis needs to be updated still
Comment #13
stefan.r CreditAttribution: stefan.r commentedComment #14
stefan.r CreditAttribution: stefan.r commentedComment #15
Anonymous (not verified) CreditAttribution: Anonymous at XIO commentedThis doesn't seem to work:
Comment #18
alexpottLet's fix it then. Got to love how
#type => 'table'
works :)Comment #19
Wim LeersYeah…
Comment #20
stefan.r CreditAttribution: stefan.r commentedYep, manually tested in admin/reports/fields and this seems to work great.
Comment #21
joelpittetFYI, if you put a 'data' key that is
#theme => table
's preprocess thing,#type => table
treats the nested keys as elements.*star rainbow*
https://www.drupal.org/node/1876710
Comment #22
catchDiff looks much nicer.
Committed/pushed to 8.0.x, thanks!