- 🇫🇷France prudloff Lille
Is this still a concern?
I think the issue summary would need to be updated to explain why this should be removed.
Also I guess the first step would be to simply deprecate it?
Follow-up to #2502785: Remove support for $form_state->setCached() for GET requests →
#2502785: Remove support for $form_state->setCached() for GET requests → split the removal of #ajax url out to another issue.
- Incorporate #2502785-70: Remove support for $form_state->setCached() for GET requests → back here or #2502785-73: Remove support for $form_state->setCached() for GET requests →
- Discuss
- Do it
- None
TBD
TBD
BETA EVAL:
Potentially prioritized change as direct follow-up to a critical.
Active
11.0 🔥
forms system
It makes Drupal less vulnerable to abuse or misuse. Note, this is the preferred tag, though the Security tag has a large body of issues tagged to it. Do NOT publicly disclose security vulnerabilities; contact the security team instead. Anyone (whether security team or not) can apply this tag to security improvements that do not directly present a vulnerability e.g. hardening an API to add filtering to reduce a common mistake in contributed modules.
Issue summaries save everyone time if they are kept up-to-date. See Update issue summary task instructions.
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.
Is this still a concern?
I think the issue summary would need to be updated to explain why this should be removed.
Also I guess the first step would be to simply deprecate it?