"Disable JavaScripts" crashes site when the supposed scheme is invalid

Created on 25 January 2024, 11 months ago

Problem/Motivation

When the user unintentionally specifies an invalid javascript definition, e.g. a category called "category", and a protocol-less URL of //example.com/main.js (which I'm aware is also a bit of an anti-pattern). It assumes the category is a URL protocol and fails to parse it further down the line and crashes the entire site.

I'm aware there's documentation to always add the appropriate HTTP/HTTPS protocol, so this could be mitigated that way, but I believe human error should not take the site down entirely with no means of recovering - I was able to work around it by editing the config using Drush (drush config:edit eu_cookie_compliance.settings).

Steps to reproduce

Adding the following entry:

First Category://example.com/main.js
Second Category://example.com/script.js
The website encountered an unexpected error. Please try again later.

Drupal\Core\File\Exception\InvalidStreamWrapperException: in Drupal\Core\File\FileUrlGenerator->doGenerateString() (line 106 of core/lib/Drupal/Core/File/FileUrlGenerator.php).
Drupal\Core\File\FileUrlGenerator->generateString() (Line: 986)
_eu_cookie_compliance_convert_relative_uri()
array_walk() (Line: 948)
_eu_cookie_compliance_explode_multiple_lines() (Line: 824)
eu_cookie_compliance_js_alter() (Line: 545)
Drupal\Core\Extension\ModuleHandler->alter() (Line: 261)
Drupal\Core\Asset\AssetResolver->getJsAssets() (Line: 318)
Drupal\Core\Render\HtmlResponseAttachmentsProcessor->processAssetLibraries() (Line: 157)
Drupal\Core\Render\HtmlResponseAttachmentsProcessor->processAttachments() (Line: 45)
Drupal\Core\EventSubscriber\HtmlResponseSubscriber->onRespond()
call_user_func() (Line: 111)
Drupal\Component\EventDispatcher\ContainerAwareEventDispatcher->dispatch() (Line: 196)
Symfony\Component\HttpKernel\HttpKernel->filterResponse() (Line: 142)
Symfony\Component\HttpKernel\HttpKernel->handleRaw() (Line: 74)
Symfony\Component\HttpKernel\HttpKernel->handle() (Line: 58)
Drupal\Core\StackMiddleware\Session->handle() (Line: 48)
Drupal\Core\StackMiddleware\KernelPreHandle->handle() (Line: 191)
Drupal\page_cache\StackMiddleware\PageCache->fetch() (Line: 128)
Drupal\page_cache\StackMiddleware\PageCache->lookup() (Line: 82)
Drupal\page_cache\StackMiddleware\PageCache->handle() (Line: 62)
Drupal\plymouth_migrate\StackMiddleware\PlymouthMigrateMiddleware->handle() (Line: 51)
Drupal\Core\StackMiddleware\NegotiationMiddleware->handle() (Line: 51)
Drupal\Core\StackMiddleware\StackedHttpKernel->handle() (Line: 692)
Drupal\Core\DrupalKernel->handle() (Line: 19)

Proposed resolution

Add validation on form submission to ensure the syntax and any supposed URL protocols are valid, then implement tests/PRs.

Remaining tasks

Provide PR.

User interface changes

N/A

🐛 Bug report
Status

Active

Version

1.0

Component

Code

Created by

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Production build 0.71.5 2024