- Issue created by @collinm
- 🇩🇪Germany slowflyer
I can not reproduce this error. (Using original filename).
OS 12.3.3, Drupal 12.2.5, PHP 8.3.3
- 🇳🇱Netherlands collinm
This morning I had the opportunity to do a test on the production environment with the images the client sent me. I cannot reproduce the issue the client could reproduce consistently with one of those images. I've asked them to send them to me via a file transfer service so I'm 100% certain I have the exact same files as they used.
- 🇳🇱Netherlands collinm
Today I could run the image upload test on the production environment and with the original image and with the current version of modules used I cannot reproduce it anymore.
Now when I try to upload the image the client could reproduce the issue with I get a file too large error (2MB limit). And the site is still fully functional afterwards. I've attached the image "Screenshot_20240412_055152_De Limburger Krant.jpg" to this issue.
Either something is still different with how the client is attempting this and I am. But I have the suspicion the emergency updates rollout that we did resolved the issue. I've included the composer output below so Open Social can check what the previous versions of modules and Drupal core were and to what they upgraded.
Gathering patches for root package. Removing package drupal/core so that it can be re-installed and re-patched. - Removing drupal/core (10.2.4) Deleting html/core - deleted Loading composer repositories with package information Updating dependencies Lock file operations: 0 installs, 43 updates, 0 removals - Upgrading chi-teck/drupal-code-generator (3.4.0 => 3.5.0) - Upgrading consolidation/annotated-command (4.9.2 => 4.10.0) - Upgrading consolidation/log (3.0.0 => 3.1.0) - Upgrading consolidation/output-formatters (4.3.2 => 4.5.0) - Upgrading consolidation/site-alias (4.0.1 => 4.1.0) - Upgrading consolidation/site-process (5.2.0 => 5.4.0) - Upgrading drupal/core (10.2.4 => 10.2.5) - Upgrading drupal/core-composer-scaffold (10.2.4 => 10.2.5) - Upgrading drupal/social_pwa (2.1.2 => 2.1.3) - Upgrading drupal/socialblue (2.5.6 => 2.5.7) - Upgrading goalgorilla/open_social (12.3.0 => 12.3.3) - Upgrading league/uri (7.4.0 => 7.4.1) - Upgrading league/uri-interfaces (7.4.0 => 7.4.1) - Upgrading masterminds/html5 (2.8.1 => 2.9.0) - Upgrading mglaman/phpstan-drupal (1.2.7 => 1.2.10) - Upgrading npm-asset/emoji-picker-element (1.21.1 => 1.21.2) - Upgrading paragonie/sodium_compat (v1.20.0 => v1.20.1) - Upgrading phpstan/phpstan (1.10.64 => 1.10.66) - Upgrading psy/psysh (v0.12.2 => v0.12.3) - Upgrading spomky-labs/pki-framework (1.1.1 => 1.2.1) - Upgrading symfony/console (v6.4.4 => v6.4.6) - Upgrading symfony/dependency-injection (v6.4.4 => v6.4.6) - Upgrading symfony/error-handler (v6.4.4 => v6.4.6) - Upgrading symfony/event-dispatcher-contracts (v3.4.0 => v3.4.2) - Upgrading symfony/filesystem (v6.4.3 => v6.4.6) - Upgrading symfony/http-client (v6.4.5 => v6.4.6) - Upgrading symfony/http-client-contracts (v3.4.0 => v3.4.2) - Upgrading symfony/http-kernel (v6.4.5 => v6.4.6) - Upgrading symfony/mailer (v6.4.4 => v6.4.6) - Upgrading symfony/mime (v6.4.3 => v6.4.6) - Upgrading symfony/psr-http-message-bridge (v6.4.3 => v6.4.6) - Upgrading symfony/routing (v6.4.5 => v6.4.6) - Upgrading symfony/serializer (v6.4.4 => v6.4.6) - Upgrading symfony/service-contracts (v3.4.1 => v3.4.2) - Upgrading symfony/translation-contracts (v3.4.1 => v3.4.2) - Upgrading symfony/validator (v6.4.4 => v6.4.6) - Upgrading symfony/var-dumper (v6.4.4 => v6.4.6) - Upgrading symfony/var-exporter (v6.4.4 => v6.4.6) - Upgrading web-token/jwt-key-mgmt (3.3.0 => 3.4.0) - Upgrading web-token/jwt-library (3.3.1 => 3.4.1) - Upgrading web-token/jwt-signature (3.3.0 => 3.4.0) - Upgrading web-token/jwt-signature-algorithm-ecdsa (3.3.0 => 3.4.0) - Upgrading web-token/jwt-util-ecc (3.3.0 => 3.4.0) Writing lock file Installing dependencies from lock file (including require-dev) Package operations: 1 install, 42 updates, 0 removals - Downloading consolidation/log (3.1.0) - Downloading symfony/filesystem (v6.4.6) - Downloading symfony/validator (v6.4.6) - Downloading symfony/serializer (v6.4.6) - Downloading symfony/psr-http-message-bridge (v6.4.6) - Downloading symfony/var-exporter (v6.4.6) - Downloading symfony/dependency-injection (v6.4.6) - Downloading masterminds/html5 (2.9.0) - Downloading drupal/core (10.2.5) - Downloading league/uri-interfaces (7.4.1) - Downloading league/uri (7.4.1) - Downloading spomky-labs/pki-framework (1.2.1) - Downloading paragonie/sodium_compat (v1.20.1) - Downloading web-token/jwt-library (3.4.1) - Downloading npm-asset/emoji-picker-element (1.21.2) - Downloading chi-teck/drupal-code-generator (3.5.0) - Downloading drupal/socialblue (2.5.7) - Downloading goalgorilla/open_social (12.3.3) - Downloading drupal/social_pwa (2.1.3) - Downloading phpstan/phpstan (1.10.66) - Downloading mglaman/phpstan-drupal (1.2.10) - Downloading consolidation/site-alias (4.1.0) - Downloading consolidation/site-process (5.4.0) - Downloading consolidation/output-formatters (4.5.0) - Downloading consolidation/annotated-command (4.10.0) Gathering patches for root package. Gathering patches for dependencies. This might take a minute. - Upgrading drupal/core-composer-scaffold (10.2.4 => 10.2.5): Extracting archive - Upgrading symfony/event-dispatcher-contracts (v3.4.0 => v3.4.2): Extracting archive - Upgrading symfony/var-dumper (v6.4.4 => v6.4.6): Extracting archive - Upgrading symfony/error-handler (v6.4.4 => v6.4.6): Extracting archive - Upgrading symfony/http-kernel (v6.4.5 => v6.4.6): Extracting archive - Upgrading symfony/service-contracts (v3.4.1 => v3.4.2): Extracting archive - Upgrading symfony/console (v6.4.4 => v6.4.6): Extracting archive - Upgrading consolidation/log (3.0.0 => 3.1.0): Extracting archive - Upgrading symfony/filesystem (v6.4.3 => v6.4.6): Extracting archive - Upgrading symfony/translation-contracts (v3.4.1 => v3.4.2): Extracting archive - Upgrading symfony/validator (v6.4.4 => v6.4.6): Extracting archive - Upgrading symfony/serializer (v6.4.4 => v6.4.6): Extracting archive - Upgrading symfony/routing (v6.4.5 => v6.4.6): Extracting archive - Upgrading symfony/psr-http-message-bridge (v6.4.3 => v6.4.6): Extracting archive - Upgrading symfony/mime (v6.4.3 => v6.4.6): Extracting archive - Upgrading symfony/mailer (v6.4.4 => v6.4.6): Extracting archive - Upgrading symfony/var-exporter (v6.4.4 => v6.4.6): Extracting archive - Upgrading symfony/dependency-injection (v6.4.4 => v6.4.6): Extracting archive - Upgrading masterminds/html5 (2.8.1 => 2.9.0): Extracting archive - Installing drupal/core (10.2.5): Extracting archive - Upgrading league/uri-interfaces (7.4.0 => 7.4.1): Extracting archive - Upgrading league/uri (7.4.0 => 7.4.1): Extracting archive - Upgrading symfony/http-client-contracts (v3.4.0 => v3.4.2): Extracting archive - Upgrading symfony/http-client (v6.4.5 => v6.4.6): Extracting archive - Upgrading spomky-labs/pki-framework (1.1.1 => 1.2.1): Extracting archive - Upgrading paragonie/sodium_compat (v1.20.0 => v1.20.1): Extracting archive - Upgrading web-token/jwt-library (3.3.1 => 3.4.1): Extracting archive - Upgrading web-token/jwt-util-ecc (3.3.0 => 3.4.0): Extracting archive - Upgrading web-token/jwt-signature-algorithm-ecdsa (3.3.0 => 3.4.0): Extracting archive - Upgrading web-token/jwt-signature (3.3.0 => 3.4.0): Extracting archive - Upgrading web-token/jwt-key-mgmt (3.3.0 => 3.4.0): Extracting archive - Upgrading npm-asset/emoji-picker-element (1.21.1 => 1.21.2): Extracting archive - Upgrading chi-teck/drupal-code-generator (3.4.0 => 3.5.0): Extracting archive - Upgrading drupal/socialblue (2.5.6 => 2.5.7): Extracting archive - Upgrading goalgorilla/open_social (12.3.0 => 12.3.3): Extracting archive - Upgrading drupal/social_pwa (2.1.2 => 2.1.3): Extracting archive - Upgrading phpstan/phpstan (1.10.64 => 1.10.66): Extracting archive - Upgrading mglaman/phpstan-drupal (1.2.7 => 1.2.10): Extracting archive - Upgrading psy/psysh (v0.12.2 => v0.12.3): Extracting archive - Upgrading consolidation/site-alias (4.0.1 => 4.1.0): Extracting archive - Upgrading consolidation/site-process (5.2.0 => 5.4.0): Extracting archive - Upgrading consolidation/output-formatters (4.3.2 => 4.5.0): Extracting archive - Upgrading consolidation/annotated-command (4.9.2 => 4.10.0): Extracting archive - Applying patches for drupal/core https://www.drupal.org/files/issues/2022-05-18/layout_builder_at-massageFormValues-argument-null-3281124-2.patch (Fix drupal 10 https://www.drupal.org/project/drupal/issues/3405115) Could not apply patch! Skipping. The error was: Cannot apply patch https://www.drupal.org/files/issues/2022-05-18/layout_builder_at-massageFormValues-argument-null-3281124-2.patch https://www.drupal.org/files/issues/2019-05-10/2528214-54.patch (Restrict images to this site blocks image style derivatives) https://www.drupal.org/files/issues/2018-12-28/2580551-72.patch (Optimize getCommentedEntity()) https://www.drupal.org/files/issues/2018-05-24/2974925-default-rid-config-causes-illegal-error.patch (Default role id causes issues with validation on VBO) https://www.drupal.org/files/issues/2020-06-17/views-exposed-form-block-args-2821962-39-8.9-notest.patch (Ensure views exposed form in a form block keeps contextual arguments (Updated)) https://www.drupal.org/files/issues/2023-12-18/1091852-186.patch (10.x Display Bug when using #states (Forms API) with Ajax Request) https://www.drupal.org/files/issues/2022-06-01/drupal-termstorage-loadTree-lang-3123561-13_0.patch (Can't specify the language in TermStorage::loadTree) https://www.drupal.org/files/issues/2020-12-18/drupal-3188258-aggregation-across-entity-reference-fail-2.patch (Issue #3188258: Aggregation queries fail across entity references) https://www.drupal.org/files/issues/2020-12-22/pagination-does-not-work-with-lazy-builder-3189538-2.patch (Pagination does not work correctly for comment fields that are rendered using #lazy_builder) https://www.drupal.org/files/issues/2020-12-29/2921093-18.patch (Providing default route value for entity forms is not possible) https://www.drupal.org/files/issues/2020-07-06/2842409-15.patch (Selecting the same day in a date between filter returns no results) https://www.drupal.org/files/issues/2019-10-21/2663316-76.drupal.Broken-title-in-modal-dialog-when-title-is-a-render-array.patch (Broken title in modal dialog when title is a render array) https://www.drupal.org/files/issues/2023-04-07/2910000-mr-1451-d95--floodmemorybackend-time-local_0.diff (Flood MemoryBackend::events[] key of micro time cannot guarantee uniqueness) https://www.drupal.org/files/issues/2022-02-07/2998390-8.patch (Issue #2998390: Cache is not invalidated when comment deleted) https://www.drupal.org/files/issues/2024-03-06/2786735-64.patch (Image derivative generation does not work if effect "Convert" in use and file stored in private filesystem) https://www.drupal.org/files/issues/2024-01-14/2107455-94.10.2.patch (Issue #2107455: Image field default value not shown when upload destination set to private file storage) https://www.drupal.org/files/issues/2021-04-18/2924783-18.patch (2924783 - Fatal error on entity autocomplete widget if entity label contains parentheses) https://www.drupal.org/files/issues/2023-10-29/3397494-revert-runtimeexception-untill-permissions-fixed.patch (Issue #3397494: Revert the runtime exception for permissions until we have fixed them all correctly) https://www.drupal.org/files/issues/2023-10-19/drupal-redirect-disable-validation-on-delete-entity-3395358-2.patch (Issue #3395358 - Redirecting a request during delete an entity when the redirect are disabled) https://www.drupal.org/files/issues/2024-01-22/3416251-3-revert-core-entity-delete-modal-changes.patch (Issue #3416251: Drupal 10.1.x revert of modal windows for entity delete operation) https://www.drupal.org/files/issues/2023-12-20/fix-toolbarjs-null-handling.patch (Issue #3409505: Uncaught TypeError: Cannot read properties of null (reading 'style') (toolbar.js)) https://www.drupal.org/files/issues/2018-07-05/2943172-kernel-test-base-3.patch (https://www.drupal.org/project/drupal/issues/2943172) - Applying patches for drupal/socialblue https://www.drupal.org/files/issues/2024-03-12/socialblue-add-hero-css-file-to-be-overwritten-custom-color-3427426-4.patch (Issue #3427426: Custom color being ignored for logged user in Search page) - 🇩🇪Germany slowflyer
From my point of view, this is or was never a bug of Open Social itself.
I would take a closer look in filesystem and webserver fileupload configuration.
- 🇳🇱Netherlands collinm
This cannot be a filesystem and webserver issue as nothing was changed there. But now it looks like it's working correctly after rolling out updates. The files were also moved to a location Open Social should have write access to.
I have a final appointment with the client to see if they can still reproduce this. If it then doesn't happen we know it was something in the updates that fixed this. And then it's up to Open Social to decide if it warrants time to figure out how this could happen, or that they'll close this issue.
- 🇳🇱Netherlands collinm
Had an online meeting with the client and we've figured out what I was doing differently (misunderstood where she was uploading the file). The client uploads the file as an inline image in the description field of a new topic. The image then does get displayed in the WYSIWYG editor, but the site also immediately gives a JavaScript pop-up with the message "Couldn't upload the file: ". And at this point the entire html directory is already moved and the site is no longer functional.
I've updated this issue with the correct steps to reproduce.
- 🇳🇱Netherlands ronaldtebrake
Thanks for the update, appreciated!
Unfortunately I'm having a real hard time reproducing this.
I have made sure it uses the private file system, set a limit to 2MB, I'm on 12.3.0 of Open Social
Used the image provided, I get the following:The image is then removed, I can't save the topic anymore because the image is gone:
Also the image isn't ending up in my private file / inline-images, nor does anything happen with the html directory.
I also have a hard time finding out what in Open Social could be the culprit here. Especially that part should be default editor behavior.
Does it now happen with both images? From the name of the html directory shown it seems that the smaller image "limburger.jpeg" also triggers this for your client?
If possible would be good to see which modules are enabled there, runningdrush pml | grep Enabledcould be an easy way for that. - 🇳🇱Netherlands collinm
I know it happens with the "Screenshot_20240412_055152_De Limburger Krant.jpg". I haven't verified if the other image also triggers it on the production environment.
The only differences I see with how you did it is that "News" is what is checked in my test case (also the only option that is available). And that we're doing it under Dutch, so our path is: /nl/node/add/topic
I've run the command and this is the output (redacted info that can be traced to the client and marked "CLIENT"):
Core Automated Cron (automated_cron) Enabled 10.2.5 Core Block (block) Enabled 10.2.5 Core Block Content (block_content) Enabled 10.2.5 Core Breakpoint (breakpoint) Enabled 10.2.5 Core CKEditor 5 (ckeditor5) Enabled 10.2.5 Core Comment (comment) Enabled 10.2.5 Core Configuration Manager (config) Enabled 10.2.5 Multilingual Configuration Translation (config_translation) Enabled 10.2.5 Multilingual Content Translation (content_translation) Enabled 10.2.5 Field types Datetime (datetime) Enabled 10.2.5 Core Database Logging (dblog) Enabled 10.2.5 Core Internal Dynamic Page Cache (dynamic_page_cache) Enabled 10.2.5 Core Text Editor (editor) Enabled 10.2.5 Core Field (field) Enabled 10.2.5 Core Field UI (field_ui) Enabled 10.2.5 Field types File (file) Enabled 10.2.5 Core Filter (filter) Enabled 10.2.5 Field types Image (image) Enabled 10.2.5 Core Inline Form Errors (inline_form_errors) Enabled 10.2.5 Multilingual Language (language) Enabled 10.2.5 Field types Link (link) Enabled 10.2.5 Multilingual Interface Translation (locale) Enabled 10.2.5 Core Custom Menu Links (menu_link_content) Enabled 10.2.5 Core Menu UI (menu_ui) Enabled 10.2.5 Core MySQL (mysql) Enabled 10.2.5 Core Node (node) Enabled 10.2.5 Field types Options (options) Enabled 10.2.5 Core Internal Page Cache (page_cache) Enabled 10.2.5 Core Path (path) Enabled 10.2.5 Core Path alias (path_alias) Enabled 10.2.5 Core Password Compatibility (phpass) Enabled 10.2.5 Web services RESTful Web Services (rest) Enabled 10.2.5 Web services Serialization (serialization) Enabled 10.2.5 Core System (system) Enabled 10.2.5 Core Taxonomy (taxonomy) Enabled 10.2.5 Field types Telephone (telephone) Enabled 10.2.5 Field types Text (text) Enabled 10.2.5 Core Toolbar (toolbar) Enabled 10.2.5 Core Update Manager (update) Enabled 10.2.5 Core User (user) Enabled 10.2.5 Core Views (views) Enabled 10.2.5 Core Views UI (views_ui) Enabled 10.2.5 Custom Activity Basics (activity_basics) Enabled Custom Activity Creator (activity_creator) Enabled Social Activity Logger (activity_logger) Enabled Social Activity Send (activity_send) Enabled Social Activity Send Email (activity_send_email) Enabled Social Activity Send Push Notification (activity_send_push_notification) Enabled Social Activity Viewer (activity_viewer) Enabled Field types Dropdown (dropdown) Enabled Custom Entity Access By Field (entity_access_by_field) Enabled Group Group request (grequest) Enabled Group Group Core Comments support (group_core_comments) Enabled Group Group Views Bulk Operations (gvbo) Enabled 1 Custom Improved Theme Settings (improved_theme_settings) Enabled Filters Mentions (mentions) Enabled Social Social Advanced Queue (social_advanced_queue) Enabled Other Social File Private (Deprecated) (social_file_private) Enabled Other Social Font (social_font) Enabled Social Social Language (social_language) Enabled Social (experimental) Social Queue item Storage (social_queue_storage) Enabled Social Social React (social_react) Enabled Custom template_suggestions_extra (template_suggestions_extra) Enabled Social Social Activity (social_activity) Enabled Social Social Comment (social_comment) Enabled Social Social Comment Upload (social_comment_upload) Enabled Social Social Core (social_core) Enabled Social Social Editor (social_editor) Enabled Social (experimental) Social Emoji (social_emoji) Enabled Other Social Event Add To Calendar (social_event_addtocal) Enabled Social Social Event Invite Enrolments (social_event_invite) Enabled Social Social Event Organisers (social_event_managers) Enabled Social Social Event Type (social_event_type) Enabled Social Social Event (social_event) Enabled Social Social Follow Content (social_follow_content) Enabled Social Social Flexible Group (social_group_flexible_group) Enabled Social Social Group VBO integration with Groups and Open Social (social_group_gvbo) Enabled Social Social Group Invite (social_group_invite) Enabled Social Social Group request (social_group_request) Enabled Social Social Secret Group (social_group_secret) Enabled Social Social Group (social_group) Enabled Social Social Like (social_like) Enabled Social Social Mentions (social_mentions) Enabled Social Social Node (social_node) Enabled Social Social Page (social_page) Enabled Social Social Post Album (social_post_album) Enabled Social Social Post Photo (social_post_photo) Enabled Social Social Post (social_post) Enabled Social Social Private Message (social_private_message) Enabled Social Social Profile Privacy (social_profile_privacy) Enabled Social Social Profile (social_profile) Enabled Social Social Search (social_search) Enabled Social Social Swiftmailer (social_swiftmail) Enabled Social Social Topic (social_topic) Enabled Social Social User (social_user) Enabled Field types Address (address) Enabled 8.x-1.12 Administration Admin Toolbar (admin_toolbar) Enabled 3.4.2 Other Advanced Queue (advancedqueue) Enabled 8.x-1.0-rc7 Views Better Exposed Filters (better_exposed_filters) Enabled 6.0.3 Other CKEditor 4 (contrib) (ckeditor) Enabled 1.0.2 Core Color (color) Enabled 1.0.3 Configuration Configuration Filter (config_filter) Enabled 8.x-1.12 Other Config Modify (config_modify) Enabled 1.0.0-rc1 Configuration Configuration Read-only (config_readonly) Enabled 8.x-1.0-beta5 Config Configuration Split (config_split) Enabled 8.x-1.9 Other Configuration Update Base (config_update) Enabled 2.0.0-alpha3 Media Crop API (crop) Enabled 8.x-2.3 Chaos tool suite Chaos Tools (ctools) Enabled 4.0.4 Field types Dynamic Entity Reference (dynamic_entity_reference) Enabled 3.2.0 Other Editor Advanced Link (editor_advanced_link) Enabled 2.2.4 Other Entity (entity) Enabled 8.x-1.4 Media EXIF Orientation (exif_orientation) Enabled 8.x-1.4 User interface External Links (extlink) Enabled 8.x-1.7 Fields Field Group (field_group) Enabled 8.x-3.4 File metadata File metadata manager (file_mdm) Enabled 8.x-2.6 File metadata File metadata - EXIF (file_mdm_exif) Enabled 8.x-2.6 File metadata File metadata - Font (file_mdm_font) Enabled 8.x-2.6 Flags Flag (flag) Enabled 8.x-4.0-beta4 Other Flexible permissions (flexible_permissions) Enabled 1.1.0 Other Gin Toolbar (gin_toolbar) Enabled 8.x-1.0-rc5 Group Group invite (ginvite) Enabled 2.2.3 Group Group (group) Enabled 8.x-1.6 Group Group Node (gnode) Enabled 8.x-1.6 Media Image Effects (image_effects) Enabled 8.x-3.4 Media ImageWidgetCrop (image_widget_crop) Enabled 8.x-2.4 jQuery UI jQuery UI (jquery_ui) Enabled 8.x-1.6 jQuery UI jQuery UI Autocomplete (jquery_ui_autocomplete) Enabled 2.0.0 jQuery UI jQuery UI Datepicker (jquery_ui_datepicker) Enabled 2.0.0 jQuery UI jQuery UI Menu (jquery_ui_menu) Enabled 2.0.0 jQuery UI jQuery UI Slider (jquery_ui_slider) Enabled 2.0.0 jQuery UI jQuery UI Touch Punch (jquery_ui_touch_punch) Enabled 1.1.0 Voting Like & Dislike (like_and_dislike) Enabled 8.x-1.0-beta3 Message Message (message) Enabled 8.x-1.5 Message Message Notify (message_notify) Enabled 8.x-1.3 Permissions Override Node Options (override_node_options) Enabled 8.x-2.7 Other Pathauto (pathauto) Enabled 8.x-1.12 Private Message Private Message Notify (private_message_notify) Enabled 3.0.0 Private Message Private Message (private_message) Enabled 3.0.0 Other Profile (profile) Enabled 8.x-1.8 Other Redirect 403 to User Login (r4032login) Enabled 2.2.1 Other Redirect (redirect) Enabled 8.x-1.9 Permissions Role Delegation (role_delegation) Enabled 8.x-1.2 Other Scheduler (scheduler) Enabled 8.x-1.5 Search Database Search (search_api_db) Enabled 8.x-1.31 Search Search API (search_api) Enabled 8.x-1.31 User interface Select2 (select2) Enabled 8.x-1.15 Social Activity Send Web Push (activity_send_push) Enabled 2.1.4 Social Social PWA (social_pwa) Enabled 2.1.4 Mail Drupal Symfony Mailer (symfony_mailer) Enabled 1.4.1 Other Token (token) Enabled 8.x-1.13 Other Ultimate Cron (ultimate_cron) Enabled 8.x-2.0-alpha6 Configuration Update Helper (update_helper) Enabled 4.0.0 Administration Upgrade Status (upgrade_status) Enabled Other VariationCache (variationcache) Enabled 8.x-1.5 Views Views Bulk Operations (views_bulk_operations) Enabled 4.2.6 Views Views Exposed Form Fieldset (views_ef_fieldset) Enabled 8.x-1.7 Views Views Infinite Scroll (views_infinite_scroll) Enabled 2.0.2 Voting Voting API (votingapi) Enabled 8.x-3.0-beta4 CLIENT CLIENT Module (client) Enabled 1 Core Claro (claro) Enabled 10.2.5 Bootstrap Bootstrap (bootstrap) Enabled 8.x-3.29 Gin (gin) Enabled 8.x-3.0-rc8 Social Base theme (socialbase) Enabled 2.5.14 Social Blue theme (socialblue) Enabled 2.5.7 Social CLIENT theme (socialCLIENT) Enabled - 🇳🇱Netherlands collinm
The client also managed to trigger this bug by uploading a tall inline image in the summary field of a new topic.
- 🇩🇪Germany Corn696 Flensburg
Maybe related to latest CORE SA?
Drupal core - Moderately critical - Improper error handling - SA-CORE-2024-002 → - 🇳🇱Netherlands collinm
Looks like we have a potential explanation for what the behaviour I've been seeing: https://www.drupal.org/sa-core-2024-002 →
This security advisory describes exactly what we've been seeing with this client website. I can't confirm if this is indeed the case as Drupal versions are managed via Open Social. But I'm very interested to see if an Open Social version that uses Drupal 10.3 resolves this.