AJAX Response Not Sanitized For Length

Adding the following to web/core/lib/Drupal/Core/Ajax/AjaxResponse.php

  /**
   * Safely send headers and content.
   *
   * Empty anything already in the output buffer. Then, use the parent method
   * to send headers and content.
   *
   * @return $this
   */ 
  public function send(): static {
    ob_clean();
    return parent::send(); // TODO: Change the autogenerated stub
  }

Changes are made on on 11.x (our main development branch) first, and are then back ported as needed according to our policies. So, changing this to 11.x.

@quietone Thanks!

Bumping this to major, while it's technically a workaround for extra whitespace in PHP code, it would make everyone's lives a lot easier if it works well.

jasonsafro → closed merge request !10605

Setting priority back to Major per #10

This is neat, but it does hide the real problem. I thought about a different solution when I ran into this before - leading whitespace in a .module file - but never implemented it: when we include .module or .theme files, we could wrap them in ob_start() and ob_end_clean(), and optionally throw a warning to tell developers that there is a problem with their file?

🐛 Uncaught ajax.js error / exception Active is possibly fixed by this as well.

Screenshot with notes to help in testing / debugging.

@longwave You are not wrong. I'm not even sure what is "the real error". Is the real error that someone left some whitespace outside the PHP tags? Or, is the real error that Drupal sets content-length without accurately counting?

If there's a better solution, I'm all for it. But, I'd like to make some change. Debugging this error was not fun or easy.

#16 is worth a try and it would be easier to add a test. Since it could potentially run on every request, we should probably do it in an assert rather than actual logging?

Probably need to support include files too but that can be done in ModuleHandler::loadInclude().