When creating an exposed filter, the description states:

" This will appear in the URL after the ? to identify this filter. Cannot be blank. Only letters, digits and the dot ("."), hyphen ("-"), underscore ("_"), and tilde ("~") characters are allowed. "

Although the character "^" (and possibly others?) are also allowed.

Is this wanted behaviour?

No, due to a typo in the regex the characters A-z are now allowed, this matches a character in the range "A" to "z" (char code 65 to 122). This should just be A-Z. Currently extra allowed characters by this part of the regex are [\]^_`, with the proposed changed, only the underscore would still be allowed from that list since that is whitelisted separately already.

Release note snippet:

Validation for allowed characters in Views filter identifiers was more lenient than intended. If any of your views currently uses a character in the identifier that is other than letters, digits, the dot (.), hyphen (-), underscore (_), or tilde (~), you will need to reconfigure the exposed filters without them. Read the change record on how Views exposed filters identifiers are now validated correctly for more information.

CommentFileSizeAuthor
#19 2731333-19.patch1.77 KBjofitz
#6 2731333-06.patch1.74 KBjhedstrom
#6 2731333-06-TEST-ONLY.patch1.03 KBjhedstrom
#5 2731333-05.patch193.92 KBjhedstrom
#5 2731333-05-TEST-ONLY.patch0 bytesjhedstrom
#5 interdiff.txt1.35 KBjhedstrom
#4 2731333-04.patch1.75 KBjhedstrom
#4 2731333-04-TEST-ONLY.patch1.03 KBjhedstrom
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

StryKaizer created an issue. See original summary.

jhedstrom’s picture

jhedstrom
Primary language English
Location Portland, OR
CreditAttribution: jhedstrom at Phase2 for Workday, Inc. commented

This is currently explicitly allowed in the validator, but that is probably a mistake:

From \Drupal\views\Plugin\views\filter\FilterPluginBase:

    elseif (preg_match('/[^a-zA-z0-9_~\.\-]/', $identifier)) {
      $error = $this->t('This identifier has illegal characters.');
    }

Simply removing that character from the regex doesn't work though for some reason.

jhedstrom’s picture

jhedstrom
Primary language English
Location Portland, OR
CreditAttribution: jhedstrom at Phase2 for Workday, Inc. commented

er, nevermind, the ^ there is supposed to match any character except those specified.

jhedstrom’s picture

jhedstrom
Primary language English
Location Portland, OR
CreditAttribution: jhedstrom at Phase2 for Workday, Inc. commented
Status: Active » Needs review
Issue tags: +VDC-cleanup
FileSize
2731333-04-TEST-ONLY.patch1.03 KB
2731333-04.patch1.75 KB

Apparently there is a typo in the current one (A-z vs A-Z that makes the exclusion behave very oddly).

This should fix the issue, and there's a test to demonstrate the current fails.

jhedstrom’s picture

jhedstrom
Primary language English
Location Portland, OR
CreditAttribution: jhedstrom at Phase2 for Workday, Inc. commented
FileSize
interdiff.txt1.35 KB
2731333-05-TEST-ONLY.patch0 bytes
2731333-05.patch193.92 KB

Oops, I accidentally removed the ~.

jhedstrom’s picture

jhedstrom
Primary language English
Location Portland, OR
CreditAttribution: jhedstrom at Phase2 for Workday, Inc. commented
FileSize
2731333-06-TEST-ONLY.patch1.03 KB
2731333-06.patch1.74 KB

Ignore patches from #5, they accidentally include some composer changes.

The last submitted patch, 5: 2731333-05-TEST-ONLY.patch, failed testing.

The last submitted patch, 5: 2731333-05.patch, failed testing.

The last submitted patch, 4: 2731333-04-TEST-ONLY.patch, failed testing.

The last submitted patch, 6: 2731333-06-TEST-ONLY.patch, failed testing.

StryKaizer’s picture

StryKaizer
Primary language Dutch
Location Belgium
CreditAttribution: StryKaizer at Webtrack commented
Status: Needs review » Reviewed & tested by the community

Nice catch on that regex typo, patch fixes the issue, setting rtbc

alexpott’s picture

alexpott
he/they
Primary language English
Location 🇪🇺🌍
CreditAttribution: alexpott at Chapter Three commented

What about existing bad values? Do we just accept that they have to be fixed if someone saves the view again?

alexpott’s picture

alexpott
he/they
Primary language English
Location 🇪🇺🌍
CreditAttribution: alexpott at Chapter Three commented
Status: Reviewed & tested by the community » Needs review

Setting to needs review to get an answer to #12 - i think it might be fine it is still worth having a think about before committing this.

StryKaizer’s picture

StryKaizer
Primary language Dutch
Location Belgium
CreditAttribution: StryKaizer at Webtrack commented

Following characters match current regex (Basicly every character between A and z in the ASCII table, see http://www.ascii-code.com/).

[ \ ] ^ `

_ also matches, but we support underscores anyway.

Since writing an update path can break links, I'd accept people have to fix their alias next time they save the view.

Version: 8.2.x-dev » 8.3.x-dev

Drupal 8.2.0-beta1 was released on August 3, 2016, which means new developments and disruptive changes should now be targeted against the 8.3.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

Version: 8.3.x-dev » 8.4.x-dev

Drupal 8.3.0-alpha1 will be released the week of January 30, 2017, which means new developments and disruptive changes should now be targeted against the 8.4.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

Version: 8.4.x-dev » 8.5.x-dev

Drupal 8.4.0-alpha1 will be released the week of July 31, 2017, which means new developments and disruptive changes should now be targeted against the 8.5.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

borisson_’s picture

borisson_
Primary language Dutch
Location Mechelen, 🇧🇪
CreditAttribution: borisson_ as a volunteer commented
Status: Needs review » Needs work
Issue tags: +Needs reroll

This doesn't apply anymore.

jofitz’s picture

jofitz CreditAttribution: jofitz at ComputerMinds commented
Status: Needs work » Needs review
Issue tags: -Needs reroll
FileSize
2731333-19.patch1.77 KB

Re-rolled.

In #14 @StryKaizer answered the question from #12 so if this re-roll is correct this can be returned to RTBC.

Version: 8.5.x-dev » 8.6.x-dev

Drupal 8.5.0-alpha1 will be released the week of January 17, 2018, which means new developments and disruptive changes should now be targeted against the 8.6.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

Version: 8.6.x-dev » 8.7.x-dev

Drupal 8.6.0-alpha1 will be released the week of July 16, 2018, which means new developments and disruptive changes should now be targeted against the 8.7.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

Version: 8.7.x-dev » 8.8.x-dev

Drupal 8.7.0-alpha1 will be released the week of March 11, 2019, which means new developments and disruptive changes should now be targeted against the 8.8.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

Manuel Garcia’s picture

Manuel Garcia CreditAttribution: Manuel Garcia as a volunteer and at Appnovation for Pfizer, Inc. commented
Status: Needs review » Reviewed & tested by the community

Reroll looks good, and still applies to 8.8.x

Re #12:
Essentially I agree with #14. An upgrade path would not be possible without breaking links inside text fields, and those links would still work after this change since this only takes place while validating views configuration changes being saved. Site builders will see the problem when they try to save views configuration, at which point it would (should) become clear to them that they should change any links to these pages accordingly.

We could try to warn them perhaps via a CR, though this is probably an uncommon case I'm not sure it's worth the effort?

Lendude’s picture

Lendude
Primary language Dutch
Location Amsterdam
CreditAttribution: Lendude as a volunteer and at ezCompany commented
Issue summary: View changes
Issue tags: +Needs change record

Updated the IS a bit to make it clearer which characters are now allowed that will be disallowed after this change.

If we are not doing an upgrade path (fine by me), shouldn't we at least do a CR so that people can have some indication of what is going on when they run into this?

Manuel Garcia’s picture

Manuel Garcia CreditAttribution: Manuel Garcia as a volunteer and at Appnovation for Pfizer, Inc. commented
Issue tags: -Needs change record

Created the CR: https://www.drupal.org/node/3040204

larowlan’s picture

larowlan
Location 🇦🇺🏝.au GMT+10
CreditAttribution: larowlan at PreviousNext commented
Status: Reviewed & tested by the community » Needs review
Issue tags: +Needs release note

This will warrant pointing out in release notes - can we add a release notes snippet to the issue summary

Lendude’s picture

Lendude
Primary language Dutch
Location Amsterdam
CreditAttribution: Lendude as a volunteer and at ezCompany commented
Issue summary: View changes
Status: Needs review » Reviewed & tested by the community
Issue tags: -Needs release note

Added a snippet

alexpott’s picture

alexpott
he/they
Primary language English
Location 🇪🇺🌍
CreditAttribution: alexpott at Thunder commented
Status: Reviewed & tested by the community » Fixed

Crediting @StryKaizer for filing the issue. @Manuel Garcia, @Lendude, myself, and @larowlan for issue review and management.

Committed d3a1192 and pushed to 8.8.x. Thanks!

alexpott’s picture

alexpott
he/they
Primary language English
Location 🇪🇺🌍
CreditAttribution: alexpott at Thunder commented
Issue tags: +8.8.0 release notes

  • alexpott committed d3a1192 on 8.8.x 
    Issue #2731333 by jhedstrom, Jo Fitzgerald, StryKaizer, Manuel Garcia,...

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.

xjm’s picture

xjm
she/her
Primary language English
CreditAttribution: xjm at Acquia commented
Issue summary: View changes
xjm’s picture

xjm
she/her
Primary language English
CreditAttribution: xjm at Acquia commented
Issue summary: View changes

And adding a link to the CR.