Commit 60bf71e2 authored by catch's avatar catch

Issue #1799440 by dagmar, znerol, Albert Volkman: Convert Filter variables to Configuration System.

parent 85996b00
...@@ -1296,7 +1296,10 @@ function drupal_strip_dangerous_protocols($uri) { ...@@ -1296,7 +1296,10 @@ function drupal_strip_dangerous_protocols($uri) {
static $allowed_protocols; static $allowed_protocols;
if (!isset($allowed_protocols)) { if (!isset($allowed_protocols)) {
$allowed_protocols = array_flip(variable_get('filter_allowed_protocols', array('ftp', 'http', 'https', 'irc', 'mailto', 'news', 'nntp', 'rtsp', 'sftp', 'ssh', 'tel', 'telnet', 'webcal'))); // filter_xss_admin() is called by the installer and update.php, in which
// case the configuration may not exist (yet). Provide a minimal default set
// of allowed protocols for these cases.
$allowed_protocols = array_flip(config('system.filter')->get('protocols') ?: array('http', 'https'));
} }
// Iteratively remove any invalid protocol found. // Iteratively remove any invalid protocol found.
......
...@@ -143,7 +143,25 @@ function filter_install() { ...@@ -143,7 +143,25 @@ function filter_install() {
); );
$plain_text_format = (object) $plain_text_format; $plain_text_format = (object) $plain_text_format;
filter_format_save($plain_text_format); filter_format_save($plain_text_format);
}
// Set the fallback format to plain text. /**
variable_set('filter_fallback_format', $plain_text_format->format); * @addtogroup updates-7.x-to-8.x
* @{
*/
/**
* Moves filter_fallback settings from variable to config.
*
* @ingroup config_upgrade
*/
function filter_update_8000() {
update_variables_to_config('filter.settings', array(
'filter_fallback_format' => 'fallback_format',
));
} }
/**
* @} End of "defgroup updates-7.x-to-8.x".
* The next series of updates should start at 9000.
*/
...@@ -639,7 +639,7 @@ function filter_fallback_format() { ...@@ -639,7 +639,7 @@ function filter_fallback_format() {
// existing (and potentially unsafe) text format on the site automatically // existing (and potentially unsafe) text format on the site automatically
// available to all users. Returning NULL at least guarantees that this // available to all users. Returning NULL at least guarantees that this
// cannot happen. // cannot happen.
return variable_get('filter_fallback_format'); return config('filter.settings')->get('fallback_format');
} }
/** /**
...@@ -1552,7 +1552,7 @@ function _filter_url($text, $filter) { ...@@ -1552,7 +1552,7 @@ function _filter_url($text, $filter) {
// we cannot cleanly differ between protocols here without hard-coding MAILTO, // we cannot cleanly differ between protocols here without hard-coding MAILTO,
// so '//' is optional for all protocols. // so '//' is optional for all protocols.
// @see filter_xss_bad_protocol() // @see filter_xss_bad_protocol()
$protocols = variable_get('filter_allowed_protocols', array('http', 'https', 'ftp', 'news', 'nntp', 'telnet', 'mailto', 'irc', 'ssh', 'sftp', 'webcal', 'rtsp')); $protocols = config('system.filter')->get('protocols');
$protocols = implode(':(?://)?|', $protocols) . ':(?://)?'; $protocols = implode(':(?://)?|', $protocols) . ':(?://)?';
// Prepare domain name pattern. // Prepare domain name pattern.
......
...@@ -7,13 +7,21 @@ ...@@ -7,13 +7,21 @@
namespace Drupal\filter\Tests; namespace Drupal\filter\Tests;
use Drupal\simpletest\UnitTestBase; use Drupal\simpletest\DrupalUnitTestBase;
use stdClass; use stdClass;
/** /**
* Unit tests for core filters. * Unit tests for core filters.
*/ */
class FilterUnitTest extends UnitTestBase { class FilterUnitTest extends DrupalUnitTestBase {
/**
* Modules to enable.
*
* @var array
*/
public static $modules = array('filter');
public static function getInfo() { public static function getInfo() {
return array( return array(
'name' => 'Filter module filters', 'name' => 'Filter module filters',
...@@ -22,6 +30,11 @@ public static function getInfo() { ...@@ -22,6 +30,11 @@ public static function getInfo() {
); );
} }
protected function setUp() {
parent::setUp();
config_install_default_config('module', 'system');
}
/** /**
* Tests the line break filter. * Tests the line break filter.
*/ */
...@@ -479,7 +492,7 @@ function testUrlFilter() { ...@@ -479,7 +492,7 @@ function testUrlFilter() {
), ),
// Absolute URL protocols. // Absolute URL protocols.
// The list to test is found in the beginning of _filter_url() at // The list to test is found in the beginning of _filter_url() at
// $protocols = variable_get('filter_allowed_protocols'... (approx line 1325). // $protocols = config('system.filter')->get('protocols')... (approx line 1555).
' '
https://example.com, https://example.com,
ftp://ftp.example.com, ftp://ftp.example.com,
......
protocols:
- http
- https
- ftp
- news
- nntp
- telnet
- mailto
- irc
- ssh
- sftp
- webcal
- rtsp
...@@ -7,12 +7,19 @@ ...@@ -7,12 +7,19 @@
namespace Drupal\system\Tests\Common; namespace Drupal\system\Tests\Common;
use Drupal\simpletest\UnitTestBase; use Drupal\simpletest\DrupalUnitTestBase;
/** /**
* Tests for check_plain(), filter_xss(), format_string(), and check_url(). * Tests for check_plain(), filter_xss(), format_string(), and check_url().
*/ */
class XssUnitTest extends UnitTestBase { class XssUnitTest extends DrupalUnitTestBase {
/**
* Modules to enable.
*
* @var array
*/
public static $modules = array('filter');
public static function getInfo() { public static function getInfo() {
return array( return array(
...@@ -22,6 +29,11 @@ public static function getInfo() { ...@@ -22,6 +29,11 @@ public static function getInfo() {
); );
} }
protected function setUp() {
parent::setUp();
config_install_default_config('module', 'system');
}
/** /**
* Checks that invalid multi-byte sequences are rejected. * Checks that invalid multi-byte sequences are rejected.
*/ */
......
...@@ -78,6 +78,17 @@ public function testVariableUpgrade() { ...@@ -78,6 +78,17 @@ public function testVariableUpgrade() {
'cancel_method' => 'user_cancel_reassign', 'cancel_method' => 'user_cancel_reassign',
); );
$expected_config['system.filter'] = array(
'protocols.0' => 'http',
'protocols.1' => 'https',
'protocols.2' => 'ftp',
'protocols.3' => 'mailto',
);
$expected_config['filter.settings'] = array(
'fallback_format' => 'plain_text'
);
foreach ($expected_config as $file => $values) { foreach ($expected_config as $file => $values) {
$config = config($file); $config = config($file);
$this->verbose(print_r($config->get(), TRUE)); $this->verbose(print_r($config->get(), TRUE));
......
...@@ -2208,6 +2208,21 @@ function system_update_8034() { ...@@ -2208,6 +2208,21 @@ function system_update_8034() {
)); ));
} }
/**
* Moves filter_allowed_protocols variable to config.
*
* This config is provided now by the system module because it is used by
* drupal_strip_dangerous_protocols() and must to be available before the filter
* module be installed.
*
* @ingroup config_upgrade
*/
function system_update_8035() {
update_variables_to_config('system.filter', array(
'filter_allowed_protocols' => 'protocols',
));
}
/** /**
* @} End of "defgroup updates-7.x-to-8.x". * @} End of "defgroup updates-7.x-to-8.x".
* The next series of updates should start at 9000. * The next series of updates should start at 9000.
......
...@@ -94,6 +94,10 @@ ...@@ -94,6 +94,10 @@
->values(array( ->values(array(
'name' => 'user_cancel_method', 'name' => 'user_cancel_method',
'value' => 's:20:"user_cancel_reassign"', 'value' => 's:20:"user_cancel_reassign"',
))
->values(array(
'name' => 'filter_allowed_protocols',
'value' => 'a:4:{i:0;s:4:"http";i:1;s:5:"https";i:2;s:3:"ftp";i:3;s:6:"mailto";}',
)) ))
->execute(); ->execute();
...@@ -105,4 +109,8 @@ ...@@ -105,4 +109,8 @@
->fields(array('value' => 's:22:"Testing config upgrade";')) ->fields(array('value' => 's:22:"Testing config upgrade";'))
->condition('name', 'site_name') ->condition('name', 'site_name')
->execute(); ->execute();
db_update('variable')
->fields(array('value' => 's:10:"plain_text";'))
->condition('name', 'filter_fallback_format')
->execute();
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment