- Issue created by @finnsky
- π¬π§United Kingdom alexpott πͺπΊπ
This is happening because code in system_form_alter() is accessing a request policy and therefore the hash salt prior to Drupal even being installed. The work around is to remove the code because as the issues summary of #2421503: SA-CORE-2014-002 forward port only checks internal cache β states
Wait for #2502785: Remove support for $form_state->setCached() for GET requests β : Remove support for $form_state->setCached() for GET requests. If/when that issue is done, this problem goes away since there'd be no $form_state persistence during any cacheable request.
So we can remove system_form_alter and page_cache_form_alter.
- Status changed to Closed: outdated
5 months ago 10:03am 27 August 2024 - π¬π§United Kingdom alexpott πͺπΊπ
What is also interest about this issue is why does it not affect all installs.... oh it does. Going to close this one, and revert the other issue and then go forward over there. Drupal 11.x cannot be interactively installed. Obviously somehow our test system does not pick this up.