Text formats should throw an error and refuse to process if a plugin goes missing

Created on 28 August 2009, about 15 years ago
Updated 29 August 2023, about 1 year ago

Problem/Motivation

Originally from #560740-7: "Escape all HTML" filter does not escape any HTML.
Then we thought #2348925: Uninstalling a filter plugin removes text formats had fixed this.
But we still need to resolve the behaviour in the following case:

1. A text format is configured to use a plugin

2. The plugin disappears.

There are now far fewer cases in which a plugin can disappear, but a few remain:

1. The plugin could be removed or renamed in a contrib module with no upgrade path
2. The contrib module is removed from the system entirely without running uninstall

Neither of those cases is 'allowed', but it is worth warning people about them. Even in these unsupported edge cases, Drupal should remain safe.

Proposed resolution

In either of those cases, running the text format should both raise an error and refuse to render the string.

Throw any kind of fatal error due to the class not existing or similar, as long as we don't fail completely silently as if nothing happened. This is simple, and it puts the burden on those doing the crazy things: modules changing filters without an upgrade path, or developers removing code without letting Drupal know.

Beta phase evaluation

This is allowed in the beta because it is a major bug dealing with a priority change (security), and the impact is greater than the disruption.

Remaining tasks

User interface changes

API changes

Original report by @sun

#560740-7: "Escape all HTML" filter does not escape any HTML

First pass.

Not sufficient.
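
The behaviour asked for under "Proposed resolution", contrasted with the silent failure it replaces, as an added sketch that is not part of this issue or of Drupal core. It is plain PHP and does not use Drupal's filter API; the function names, the exception class, the plugin ids and the sample input are all hypothetical or constructed.

```php
<?php
// Added illustration in plain PHP; every name here is hypothetical.
final class MissingFilterException extends RuntimeException {}

// Constructed registry of filter plugins whose code is still present.
// 'escape_html' came from a module that was deleted without an uninstall.
$available = [
    'autop' => fn(string $t): string => '<p>' . $t . '</p>',
];

// Constructed text format configuration that still names the lost plugin.
$format = ['id' => 'plain_text', 'filters' => ['escape_html', 'autop']];

// Fail-open: a missing plugin is skipped silently, so markup passes through
// a format that the site builder believes escapes everything.
function renderFailOpen(string $text, array $format, array $available): string {
    foreach ($format['filters'] as $id) {
        if (isset($available[$id])) {
            $text = $available[$id]($text);
        }
    }
    return $text;
}

// Fail-closed: resolve every configured plugin before touching the text.
// If any is missing, raise an error and render nothing.
function renderFailClosed(string $text, array $format, array $available): string {
    $missing = array_diff($format['filters'], array_keys($available));
    if ($missing !== []) {
        throw new MissingFilterException(sprintf(
            'Text format "%s" references missing filter plugin(s): %s',
            $format['id'], implode(', ', $missing)
        ));
    }
    foreach ($format['filters'] as $id) {
        $text = $available[$id]($text);
    }
    return $text;
}

$input = '<script>alert(1)</script>'; // constructed untrusted input
echo 'fail-open:   ' . renderFailOpen($input, $format, $available) . "\n";
try {
    $out = renderFailClosed($input, $format, $available);
} catch (MissingFilterException $e) {
    error_log($e->getMessage()); // loud: the operator is told which plugin is gone
    $out = '';                   // safe: nothing is rendered
}
echo 'fail-closed: ' . $out . "\n";
```

The fail-closed variant checks the whole filter list before applying any filter, so a format never returns text that has passed through only part of its configured chain.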

🐛 Bug report
Status

Closed: outdated

Version

11.0 🔥

Component
Filter 

Last updated 3 days ago

No maintainer
Created by

🇩🇪Germany sun Karlsruhe

  • Security

    It is used for security vulnerabilities which do not need a security advisory. For example, security issues in projects which do not have security advisory coverage, or forward-porting a change already disclosed in a security advisory. See Drupal’s security advisory policy for details. Be careful publicly disclosing security vulnerabilities! Use the “Report a security vulnerability” link in the project page’s sidebar. See how to report a security issue for details.
