- heddn Nicaragua
I think we should make the error more generic, not more specific. But then log the exception message to watchdog. Otherwise, I'm driving in the dark here as we eat the exception/throwable without listing out what is at fault.
- Status changed to Needs work
almost 2 years ago 7:54pm 14 March 2023 - πΊπΈUnited States tr Cascadia
"its", not "it's".
Also, the code comment says "// Render a nice error message in case we have a file upload which exceeds the configured upload limit." but if that's not really what is happening here then the code comments should be changed as well.
Likewise, in core/lib/Drupal/Core/Form/FormBuilder.php, where this exception is thrown, we have this code:
// In case the post request exceeds the configured allowed size // (post_max_size), the post request is potentially broken. Add some // protection against that and at the same time have a nice error message. if ($ajax_form_request && !$request->request->has('form_id')) { throw new BrokenPostRequestException($this->getFileUploadMaxSize()); }
Again, this comment doesn't agree with the actual code, and doesn't agree with what the patch says the problem is. This code is explicitly checking for form_id, so why is it passing the file upload max size as an argument to the exception if the form_id is the problem? How is file upload size involved here?
If BrokenPostException is being used for all these different problems - file upload size, missing form_id, max_input_vars, then I would argue that there needs to be more than one type of exception defined and thrown because it's not useful to have just one generic exception here that wasn't intended to cover all these cases.
I agree with @heddn that in general detailed error messages should not be shown to the end user, and that detailed information about what went wrong and where it went wrong should be logged for the site owner.
- Status changed to Needs review
almost 2 years ago 4:30am 15 March 2023 - Status changed to Needs work
over 1 year ago 3:28pm 13 June 2023 - πΊπΈUnited States smustgrave
From what I can tell the message being displaced is still the detailed approach vs generic. And having the detailed message logged instead.
- πΈπ°Slovakia poker10
Is this a duplicate of β¨ Misleading error message when uploading a file Needs work ?