Contrib.social

Create a schema for "allowed_html" which provides a better config diff

Open on Drupal.org →
Created on 20 April 2017, almost 8 years ago
Updated 18 January 2024, about 1 year ago

Problem/Motivation

I am working on a site which requires quite a specific and detailed element/attribute whitelist. My "allowed_html" setting is 1200 characters long. When updating this, it's impossible to tell from a diff what changed. In addition to this, we've found that changes manually made to the attributes and classes are reverted, chopped and changed by Drupal.behaviors.filterFilterHtmlUpdating erroneously, possibly from a bug in the JS or one of the filters we have installed.

It would be great if the schema that stored these settings provided a better diff.

Proposed resolution

Update the schema to look something like:

    allowed_html:
      type: sequence
      label: 'Allowed HTML'
      sequence:
        type: sequence
        label: 'Attributes'
        sequence:
          type: string
          label: 'Value'

Which would transform settings like:

allowed_html: '<a href hreflang> <em> <strong> <cite> <blockquote cite> <code> <ul type> <ol start type>'

Into:

      allowed_html:
        a:
          href: '*'
          hreflang: '*'
        em: {  }
        strong: {  }
        cite: {  }
        blockquote:
          cite: '*'
        code: {  }
        ul:
          type: '*'
        ol:
          start: '*'
          type: '*'

Remaining tasks

Validate & see if this is something we can achieve without breaking BC.

User interface changes

API changes

Data model changes

✨ Feature request
Status

Needs work

Version

11.0 🔥

Component
Filter  →

Last updated 1 day ago

No maintainer
Created by

🇦🇺Australia Sam152

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Merge Requests

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

  • Comment about 1 year ago →
    🇦🇺Australia mstrelan

    This is still very relevant today. We should match ckeditor, for example from core/profiles/standard/config/install/editor.editor.basic_html.yml:

    settings:
  plugins:
    ckeditor5_sourceEditing:
      allowed_tags:
        - '<cite>'
        - '<dl>'
        - '<dt>'
        - '<dd>'
        - '<a hreflang>'
        - '<blockquote cite>'
        - '<h2 id>'
        - '<h3 id>'
        - '<h4 id>'
        - '<h5 id>'
        - '<h6 id>'
  • Comment about 1 year ago →
    🇵🇰Pakistan isalmanhaider

    I agree that this issue remains pertinent, especially considering the structure used by CKEditor in Drupal core.

    Adopting a similar format for the "allowed_html" setting, as demonstrated in core/profiles/standard/config/install/editor.editor.basic_html.yml, would not only ensure consistency with CKEditor's configuration but also improve clarity and manageability for developers and site administrators.

    Such alignment could greatly enhance user experience and reduce configuration errors.

  • Comment about 1 year ago →
    🇧🇪Belgium wim leers Ghent 🇧🇪🇪🇺

    This at minimum soft-blocks 📌 [PP-2] Make FilterFormat config entities fully validatable Postponed and potentially hard-blocks it.

  • Comment about 1 year ago →
    🇦🇺Australia acbramley

    Glad I found this issue, this is a problem every single time we change filter formats in any way, especially when (for example) adding new styles.

    What do people think of an interim solution where we keep the existing unstructured string and at the very least sort the tags alphabetically? That would at least alleviate very hard to parse diffs like the following:

    This is an example where a new style had been added to the table element, but all the other tags were randomly reordered.

  • Comment about 1 year ago →
    🇧🇪Belgium wim leers Ghent 🇧🇪🇪🇺

    #93++ — let's do that here so we can close this already ~100-comment long issue? 😄

  • Comment 2 days ago →
    🇳🇱Netherlands bbrala Netherlands
  • Merge request !11813feat: lets see if we can sort, not sure if this is the right place, but lets start somwehre. → (Open) created by bbrala
  • Pipeline finished with Failed
    2 days ago
    Total: 172s
    #472361
  • Comment 2 days ago →
    🇳🇱Netherlands bbrala Netherlands

    Ok, the failures are in sort order, which is great! Adjusting the tests to match the new order is a good novice issue. Go through the tests that fail and update the expected order.

    I'm not sure if we need an upgrade path, since an export will just save it the new order easily. :)

  • Pipeline finished with Failed
    2 days ago
    Total: 167s
    #472374
  • Pipeline finished with Failed
    2 days ago
    #472386
  • Pipeline finished with Failed
    2 days ago
    Total: 110s
    #472401
  • Pipeline finished with Failed
    2 days ago
    Total: 566s
    #472404
  • Pipeline finished with Canceled
    2 days ago
    Total: 191s
    #472446
  • Pipeline finished with Failed
    2 days ago
    Total: 500s
    #472447
  • Pipeline finished with Failed
    1 day ago
    Total: 521s
    #472494
  • Comment 1 day ago →
    🇳🇱Netherlands bbrala Netherlands

    Getting the tags sorted in ckeditor requires some extra work since it is only implicitly coupled to the filterfotmat in core. There is an issue around that but lets do make sorting available publicly so we can also do it in that part of the code.

  • Pipeline finished with Canceled
    1 day ago
    Total: 94s
    #472885
  • Comment 1 day ago →
    🇳🇱Netherlands bbrala Netherlands

    Hmm, not sure yet how to do this. CKEditor uses HTMLRestrictions for a lot of generation of the lists of tags. There is also the config form, and the SmartDefaultSettings. Those probably need adjusting to make sure we get sorted tags.

  • Pipeline finished with Failed
    1 day ago
    Total: 174s
    #472886
  • Pipeline finished with Failed
    about 23 hours ago
    Total: 433s
    #473206
  • Pipeline finished with Failed
    about 23 hours ago
    Total: 379s
    #473209
contrib.social Blog FAQ Discussions
Production build 0.71.5 2024