Unsafe file upload extensions Details page throws an exception

Created on 12 May 2023, over 1 year ago

Updated 1 September 2023, over 1 year ago

Problem/Motivation

For both Drupal 10 and Drupal 9.5, if you configure an unsafe file extension for upload (for example "html"), when clicking on "Details" to see why the "Unsafe file extensions are allowed in uploads" failed, you will see an error page instead. Here is the exception:

Symfony\Component\Routing\Exception\MissingMandatoryParametersException: Some mandatory parameters are missing ("media_type") to generate a URL for route "entity.field_config.media_field_edit_form". in Drupal\Core\Routing\UrlGenerator->doGenerate() (line 181 of /var/www/html/web/core/lib/Drupal/Core/Routing/UrlGenerator.php).

This is happening when rendering the template check_evaluation.html.twig.

Steps to reproduce

Configure a media type File field to use an unsafe extension, for example: "html"
Run security review checklist
Visit /admin/reports/security-review/help/security_review/upload_extensions
You will see "The website encountered an unexpected error. Please try again later." on a white page. An exception has been thrown.

Data model changes

🐛 Bug report

Status

Closed: duplicate

Version

2.0

Component

Code

Created by

🇪🇸Spain juanolalla

Live updates comments and jobs are added and updated live.

Comments & Activities

Issue created by @juanolalla
Status changed to Postponed: needs info over 1 year ago5:11pm 1 September 2023
Comment over 1 year ago →
🇺🇸United States smustgrave
Tried replicating but was unable is there a missing step?
Status changed to Closed: duplicate over 1 year ago5:14pm 1 September 2023
Comment over 1 year ago →
🇺🇸United States smustgrave
User testing error. While on https://www.drupal.org/project/security_review/issues/3338061 ✨ Add the ability to hush specific fields for "Unsafe file extensions allowed in uploads" check Needs work I do NOT get the error. So lets address over there.

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024