NodeTypeForm::validateForm doesn't validate HTML for description

Created on 11 June 2018, over 6 years ago
Updated 16 February 2023, almost 2 years ago

Problem/Motivation

When someone enters invalid HTML (e.g. opening an "<em>" without a closing "</em>" tag) as the content type's description, JavaScript errors will occur on the node/add page.

Either we need to filter the output on "/node/add" or we need to validate the input on "admin/structure/types/manage/nodetype".

Proposed resolution

Since the labels can be translated, and those can also contain wrong HTML, it may be better to do both.

Remaining tasks

Validate input and filter output.

User interface changes

none

API changes

none

Data model changes

none

🐛 Bug report
Status

Needs work

Version

10.1

Component
Node system 

Last updated 4 days ago

No maintainer
Created by

🇧🇪Belgium mpp


Comments & Activities

  • 🇨🇳China jungle Chongqing, China

    The patch in #16 is still valid against 10.1.x

    2978818-16-tests-only.patch reproduced it, and 2978818-16.patch fixed it.

    Tagging "Needs Review Queue Initiative" because I saw the NR request in #needs-review-queue-initiative on Slack.

  • Status changed to Needs work almost 2 years ago
  • 🇫🇮Finland lauriii Finland

    It looks like the proposed resolution doesn't actually match what is in the issue summary. The proposed solution seems to be to do it at runtime to not run into the same problem with translations. The downside of that solution is that it could interfere with existing markup, but overall doing it at runtime seems more in line with how we do markup normalization in other places, because this way we can solve it for all different use cases.
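
Both halves of the fix discussed in this issue, as an added example that is not part of the issue or its patches: a tag-balance check for the input side (form validation) and a parse-and-reserialize pass for the output side (runtime normalization). It is plain PHP built on `DOMDocument`, not Drupal core code; the function names and the sample description are made up for illustration.

```php
<?php
// Added example in plain PHP, not Drupal core code; function names are hypothetical.

const VOID_ELEMENTS = ['area', 'base', 'br', 'col', 'embed', 'hr', 'img',
    'input', 'link', 'meta', 'source', 'track', 'wbr'];

/** Input side: return the names of elements left open or closed out of order. */
function unbalanced_tags(string $html): array {
    $stack = [];
    $problems = [];
    // Simplification: assumes attribute values contain no literal ">".
    preg_match_all('#<(/?)([a-zA-Z][a-zA-Z0-9]*)\b[^>]*>#', $html, $tags, PREG_SET_ORDER);
    foreach ($tags as [, $closing, $name]) {
        $name = strtolower($name);
        if (in_array($name, VOID_ELEMENTS, true)) {
            continue; // void elements never take a closing tag
        }
        if ($closing === '') {
            $stack[] = $name;
        } elseif (array_pop($stack) !== $name) {
            $problems[] = $name; // closing tag does not match the innermost open element
        }
    }
    // Anything still on the stack was opened but never closed.
    return array_merge($problems, $stack);
}

/** Output side: parse the fragment and re-serialize it so every element is closed. */
function normalize_fragment(string $html): string {
    $dom = new DOMDocument();
    $previous = libxml_use_internal_errors(true); // keep parser warnings out of the response
    $dom->loadHTML('<!DOCTYPE html><html><head><meta http-equiv="Content-Type" '
        . 'content="text/html; charset=utf-8"></head><body>' . $html . '</body></html>');
    libxml_clear_errors();
    libxml_use_internal_errors($previous);
    $out = '';
    foreach ($dom->getElementsByTagName('body')->item(0)->childNodes as $child) {
        $out .= $dom->saveHTML($child);
    }
    return $out;
}

// Constructed sample input: a content type description with an unclosed <em>.
$description = 'Use <em>basic pages for static content.';
var_dump(unbalanced_tags($description));        // what a form validator would report
echo normalize_fragment($description), "\n";    // what a render-time pass would emit
```

The normalization pass only balances tags; it does not strip unsafe markup, and because it re-serializes the whole fragment it can change the formatting of markup that was already valid, which is the trade-off raised in the comment above.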
