- Issue created by @VISIOS
- ๐จ๐ฟCzech Republic maxiorel Brno
Yes, having the same problems, if the text has any special characters like umlauts.
- ๐จ๐ญSwitzerland mistrae
It happen with drupal 10.2, rolling back to 10.1 fixes the problem. So I think we need to open a ticket on the core issues.
- ๐จ๐ญSwitzerland mistrae
Since this problem comes from an outside library now used in core, should we fix this here ? Removing htmlentities() seems to fix the issue.
- First commit to issue fork.
- Status changed to Needs review
over 1 year ago 9:09pm 26 February 2024 - ๐บ๐ธUnited States jayhuskins
The MR !7 will also fix this issue:
https://www.drupal.org/project/linked_field/issues/2979890 โMay require a new release version though, because unlike the previous functionality which searches for an image tag, this just wraps whatever the field would render in a link.
- ๐ซ๐ทFrance mably
We have the same problem here.
Just applied the patch above and everything seems to be back to normal.
Thanks. - ๐ง๐ชBelgium weseze
Changes in MR are already committed (but not released), see ๐ Linking breaks responsive image formats Fixed . (should really have this released)
Also, for us at least, this does not fix the issue. Special characters are still being stripped out.We tried reverting the change from core: ๐ [PP-upstream] Serialize function strips accents Postponed
That fixes the issue, but creates a whole new set of issues with contextual links being broken.
These seem to be converted into self-closing div tags, which is incorrect html and causes the contextual JS logic to incorrectly replace those.The only full solution we fount, is to use patch #8 from ๐ Linking breaks responsive image formats Fixed in combination with removing the "$text = htmlentities($text, ENT_QUOTES, 'UTF-8');" and "$value = Html::decodeEntities($value);". (see patch attached here)
- ๐ง๐ชBelgium weseze
Updated the patch. It sill gave us issues.
After further debugging noticed that the $text variable isn't actually a string, but a text object. It can be used straight up without any parsing to preserve all special characters. A usable patch has been generated for the current official version 1.5.
- ๐ต๐นPortugal jrochate
Same here. Version 1.6 has the problem with special chars. Patch in #15 for the 1.5 version works fine.
- ๐ฎ๐ณIndia hetal.solanki
Hetal.Solanki โ made their first commit to this issueโs fork.
- Assigned to hetal.solanki
- Issue was unassigned.
- ๐ฎ๐ณIndia hetal.solanki
@VISIOS
I have converted patch #15 into MR for easy use.
This is my commit : https://git.drupalcode.org/project/linked_field/-/merge_requests/9/diffs...Thank you!!
- ๐ซ๐ทFrance mably
@Hetal.Solanki it looks like you have overridden my own MR. Hopefully I had created a patch that we use in our composer.json...
- ๐ฎ๐ณIndia hetal.solanki
@mably
I have just converted patch #15 into an MR. Just because if in the future this MR merge, we don't need to use an extra patch.
- ๐ซ๐ทFrance mably
@Hetal.Solanki you should have updated MR 7 and not MR 9 which implemented a different type of fix.
Or even better, create a new MR.
- ๐ฎ๐ณIndia hetal.solanki
@mably
Okay, i am creating a new MR for patch #15.
- ๐ต๐นPortugal jrochate
This is getting a little messy.
The #12 works fine on module's 1.5 and 1.6 version.
- ๐บ๐ธUnited States damienmckenna NH, USA
I think #15 / MR 11 is the correct long-term approach; I was about to open another issue to rewrite the output to use a render array instead of converting it to a link tag, but it would be good for a maintainer to chime in on what approach they want.
- ๐บ๐ธUnited States xenophyle
The patch from #15 was causing
InvalidArgumentException: "content" is an invalid render array key. Value should be an array but got a string. in Drupal\Core\Render\Element::children() (line 97 of core/lib/Drupal/Core/Render/Element.php).The error went away when we reverted to patch #12.
- ๐ธ๐ชSweden kristofferwiklund
Solution in MR11 kind of worked but hade problem applying them. Had do download a adjust the patch a bit. Removed the code cleaning commits from the patches.
- First commit to issue fork.
- Merge request !19fix(linked-field-manager): Remove Html::serialize function that strips accents and replace it by \DOMDocument->saveHTML() function โ (Closed) created by zilloww
- ๐จ๐ญSwitzerland zilloww
zilloww โ changed the visibility of the branch 3415509-special-characters-stripped to hidden.
- Merge request !20fix(linked-field-manager): Remove Html::serialize function that strips accents and replace it by \DOMDocument->saveHTML() function โ (Merged) created by zilloww
- ๐จ๐ญSwitzerland zilloww
Just made a new working MR (#20) for this issue. I removed the Html::serialize method in `src/LinkedFieldManager.php` and replaced it with the `\DOMDocument->saveHtml()` function. Since the Html::serialize function handled XSS injections vulns, I added Xss::filterAdmin() method on the $html param. Would it be possible to test it and approve it since the solution seems correct on long time.
- ๐ต๐นPortugal jrochate
Awesome. Please don't forget to credit who you think might have contributed to this issue.
- ๐ง๐ชBelgium weseze
The changes committed here have broken all of our sites... We were using patch #12 previously which worked perfectly fine...
When using it now, the new release without the patch, a lot of HTML from our twig files is filtered out.
This is because of the filtering: "$safe_html = Xss::filterAdmin($html);"
I don't understand why the HTML needs to be filtered, shouldn't it be trusted at this point?
It's already gone through all normal Drupal rendering, so I don't see why it would need any more checking or filtering...Also, when trying to debug, we could not find the twig templates debug output, because it was stripped from the HTML. This breaks twig debugging output for all linked_fields... Very unfortunate.
So, at least for us, this "fix" and new release is unusable and actually breaks most of our websites...
Attached is a patch that does not filter the html. (as I really don't see the point of doing that...)
- ๐ฉ๐ชGermany yannickoo Berlin
Hello @weseze, can you provide me an example of the values you are using for the attributes so I can have another look on that? Let's try to get another fix that also works in your case out asap!
- ๐ง๐ชBelgium weseze
Attached a screenshot of or config for the field that is breaking.
The relevant part from the config:
content: field_image: type: entity_reference_entity_view label: hidden settings: view_mode: scale_scale link: false third_party_settings: linked_field: linked: '1' type: field destination: field_image_link advanced: { } token: '' weight: 0 region: contentThe image is rendered as media entity, the media entity renders the image through the drimage module with this twig file:
{% set dummy_image = "data:image/svg+xml;charset=utf8,%3Csvg xmlns='http://www.w3.org/2000/svg'%20width='" ~ width ~ "'%20height='" ~ height ~ "'%20viewBox='0%200%20" ~ width ~ "%20" ~ height ~"'%20%3E%3C/svg%3E" %} {{ attach_library('drimage/drimage') }} <div {{ item_attributes }} data-drimage="{{ data|json_encode }}"> {# Prevent spaces in the link by glueing a and picture element together. #} {% if url %} <a href="{{ url }}"><picture> {% else %} <picture> {% endif %} {% if core_webp or imageapi_optimize_webp %} <source data-format="webp" srcset="{{ dummy_image }}" type="image/webp"> {% endif %} <img src="{{ dummy_image }}" width="{{ width }}" height="{{ height }}" alt="{{ alt }}" {% if title %}title="{{ title }}"{% endif %} /> {% if url %} </picture></a> {% else %} </picture> {% endif %} </div> <noscript> <img src="{{ data.original_source }}" alt="{{ alt }}"{% if title %} title="{{ title }}"{% endif %} width="{{ data.original_width }}" height="{{ data.original_height }}"> </noscript>Specifally in our case the noscript tag is filtered out, which outputs all our images (with a link) twice.
- Status changed to Fixed
18 days ago 2:49pm 26 June 2025 Automatically closed - issue fixed for 2 weeks with no activity.