Prevent strings unsafe for translation in code

Created on 8 July 2020, over 4 years ago
Updated 30 January 2023, almost 2 years ago

Problem/Motivation

Drupal prevents loading translation strings that contain possibly dangerous tags. When you import translations or translate in the UI, each string is run through locale_string_is_safe(), and if that function returns FALSE, the string is rejected and not stored in the database.

However, both core and contributed projects can create translatable strings with these tags in them. If they do, and translators leave the tags in (as they generally should when translating strings with HTML in them), the translations will never get imported into sites.

Proposed resolution

Use a runtime assert() statement to test all translatable strings using code identical to locale_string_is_safe().

This will ensure that Drupal Core and contributed modules will not have any of these strings in their code, as long as there is at least one automated test that displays the string and all the tests pass. Going forward, this means that Core and any other projects that enforce passing automated tests before committing code, plus any projects that go back and fix tests that suddenly start failing, will be free of these untranslatable strings.

The patch will also need to fix the broken strings in Drupal core.

Remaining tasks

1. Make a patch that adds this assert to the TranslatableMarkup class, and fixes any Core strings that fail the test. [There was one such string in Core, plus another one in a test class. Both have been fixed in the patch.]

2. Review.

3. Commit.

User interface changes

Strings that are translated will not contain any "unsafe" tags that would make them not importable or not translatable in the translation UI.

API changes

A runtime assert in the TranslatableMarkup constructor will verify that any translatable string has no unsafe tags, if runtime asserts are being checked (i.e., during tests only; generally these asserts do not run on production sites).

Data model changes

No.

Release notes snippet

A runtime assert has been added to the TranslatableMarkup constructor, which verifies that any translatable string has no unsafe tags. Unsafe tags are any HTML tags that are not listed in the locale_string_is_safe() function. Strings that don't pass this test are not importable when a site imports translations from localize.drupal.org, so it is important that Drupal Core and contributed projects not contain these unsafe strings. This assert will only be checked if runtime asserts are live, which is generally only true when tests are being run. Contributed projects will see their existing tests fail after this change if they have any unsafe strings in their code base, assuming that they have test coverage that triggers those strings to be displayed.
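
The pattern proposed above, as an added stand-alone PHP sketch (not Drupal core code and not the patch from this issue): a constructor-level assert() that rejects source strings containing tags outside an allow-list. The class and function names, the short tag list, and the use of strip_tags() in place of Drupal's own filtering are assumptions made for illustration.

```php
<?php
// Added illustration, not Drupal core code. The allow-list is a constructed
// subset and strip_tags() stands in for the real filter (it does not filter
// attributes); all "Sketch"/"sketch_" names are hypothetical.
const SKETCH_ALLOWED_TAGS = '<a><br><code><em><li><p><strong><ul>';

/** TRUE when dropping tags outside the allow-list leaves the string unchanged. */
function sketch_string_is_safe(string $string): bool {
  $filtered = strip_tags($string, SKETCH_ALLOWED_TAGS);
  return html_entity_decode($string) === html_entity_decode($filtered);
}

/** Stand-in for a translatable-string wrapper with the proposed assert. */
final class SketchTranslatableString {
  public function __construct(private string $source) {
    // With zend.assertions=-1 (typical production) this line is compiled out;
    // with zend.assertions=1 (dev and test runs) a failure throws
    // AssertionError under the PHP 8 defaults.
    assert(sketch_string_is_safe($source), "Unsafe tag in translatable string: $source");
  }

  public function source(): string {
    return $this->source;
  }
}

// Constructed sample source strings.
$samples = [
  'Read the <em>documentation</em> before installing.',
  'Press <button>Save</button> to continue.',
  'Preview: <img src="logo.png" alt="Logo">',
];

echo 'zend.assertions = ', ini_get('zend.assertions'), PHP_EOL;
foreach ($samples as $sample) {
  try {
    new SketchTranslatableString($sample);
    // Reaching here with an unsafe string means the assert did not run.
    $result = sketch_string_is_safe($sample) ? 'ok' : 'NOT CAUGHT (assert inactive)';
  }
  catch (\AssertionError $e) {
    $result = 'assert failed';
  }
  echo str_pad($result, 30), $sample, PHP_EOL;
}
```

Running it once with `php -d zend.assertions=1` and once with `php -d zend.assertions=-1` shows why the check only protects projects whose tests actually construct the string.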

🐛 Bug report
Status

Needs work

Version

10.1

Component
Language system 

Last updated about 17 hours ago

  • Maintained by
  • 🇩🇪Germany @sun
Created by

🇩🇪Germany joachim namyslo Kulmbach 🇩🇪 🇪🇺


Comments & Activities


  • The Needs Review Queue Bot tested this issue. It either no longer applies to Drupal core, or fails the Drupal core commit checks. Therefore, this issue status is now "Needs work".

    Apart from a re-roll or rebase, this issue may need more work to address feedback in the issue or MR comments. To progress an issue, incorporate this feedback as part of the process of updating the issue. This helps other contributors to know what is outstanding.

    Consult the Drupal Contributor Guide to find step-by-step guides for working with issues.
