- Issue created by @flyke
After enabling this module, I cannot open the settings page because of errors:
The website encountered an unexpected error. Try again later.
TypeError: Drupal\Component\Utility\Html::escape(): Argument #1 ($text) must be of type string, null given, called in /var/www/html/web/modules/contrib/x_frame_options/src/EventSubscriber/XframeSubscriber.php on line 43 in Drupal\Component\Utility\Html::escape() (line 433 of core/lib/Drupal/Component/Utility/Html.php).
Drupal\x_frame_options_configuration\EventSubscriber\XframeSubscriber->onKernelResponse() (Line: 246)
Symfony\Component\EventDispatcher\EventDispatcher::Symfony\Component\EventDispatcher\{closure}() (Line: 206)
Symfony\Component\EventDispatcher\EventDispatcher->callListeners() (Line: 56)
Symfony\Component\EventDispatcher\EventDispatcher->dispatch() (Line: 216)
Symfony\Component\HttpKernel\HttpKernel->filterResponse() (Line: 204)
Symfony\Component\HttpKernel\HttpKernel->handleRaw() (Line: 76)
Symfony\Component\HttpKernel\HttpKernel->handle() (Line: 44)
Drupal\redirect_after_login\RedirectMiddleware->handle() (Line: 53)
Drupal\Core\StackMiddleware\Session->handle() (Line: 48)
Drupal\Core\StackMiddleware\KernelPreHandle->handle() (Line: 28)
Drupal\Core\StackMiddleware\ContentLength->handle() (Line: 32)
Drupal\big_pipe\StackMiddleware\ContentLength->handle() (Line: 116)
Drupal\page_cache\StackMiddleware\PageCache->pass() (Line: 90)
Drupal\page_cache\StackMiddleware\PageCache->handle() (Line: 48)
Drupal\Core\StackMiddleware\ReverseProxyMiddleware->handle() (Line: 51)
Drupal\Core\StackMiddleware\NegotiationMiddleware->handle() (Line: 53)
Drupal\Core\StackMiddleware\AjaxPageState->handle() (Line: 51)
Drupal\Core\StackMiddleware\StackedHttpKernel->handle() (Line: 715)
Drupal\Core\DrupalKernel->handle() (Line: 19)composer require 'drupal/x_frame_options:1.x-dev@dev'drush en -y x_frame_options_configuration/admin/config/system/x_frame_options_configuration/settingsChange src/EventSubscriber/XframeSubscriber.php
From:
public function onKernelResponse(ResponseEvent $event) {
// Add the x-frame-options response header with the configured directive.
$directive = $this->config->get('x_frame_options_configuration.directive', 0);
$allow_from_uri = Html::escape($this->config->get('x_frame_options_configuration.allow-from-uri', ''));
$x_frame_options = Html::escape($directive) . (($directive == 'ALLOW-FROM') ? " " . UrlHelper::stripDangerousProtocols($allow_from_uri) : '');
$response = $event->getResponse();
// If option selected is ALLOW-ALL, removes header.
if ($x_frame_options == 'ALLOW-ALL') {
$response->headers->remove('X-Frame-Options');
}
else {
$response->headers->set('X-Frame-Options', $x_frame_options);
}
}Into:
public function onKernelResponse(ResponseEvent $event) {
// Add the x-frame-options response header with the configured directive.
$directive = $this->config->get('x_frame_options_configuration.directive') ?? 0;
$allow_from_uri = Html::escape($this->config->get('x_frame_options_configuration.allow-from-uri') ?? '');
$x_frame_options = Html::escape($directive) . (($directive == 'ALLOW-FROM') ? " " . UrlHelper::stripDangerousProtocols($allow_from_uri) : '');
$response = $event->getResponse();
// If option selected is ALLOW-ALL, removes header.
if ($x_frame_options == 'ALLOW-ALL') {
$response->headers->remove('X-Frame-Options');
}
else {
$response->headers->set('X-Frame-Options', $x_frame_options);
}
}Active
1.0
Code