Issue #2710427 by smustgrave, longwave, akhoury, alexpott, ChaseOnTheWeb,...

Issue #2710427 by smustgrave, longwave, akhoury, alexpott, ChaseOnTheWeb, Spokje, Wim Leers, aby v a, frob, alison, catch, smulvih2, pameeela, ranjith_kumar_k_u, vsujeetkumar, becassin: Broken "Allowed Tags" updating: after all values for an attribute are allowed, it should not be overridden to allow only certain attribute values

(cherry picked from commit 2aa0817d)

core/modules/filter/filter.filter_html.admin.js

@@ -6,8 +6,9 @@
 (function ($, Drupal, document) {
   if (Drupal.filterConfiguration) {
     /**
-     * Implement a live setting parser to prevent text editors from automatically
-     * enabling buttons that are not allowed by this filter's configuration.
+     * Implement a live setting parser to prevent text editors from
+     * automatically enabling buttons that are not allowed by this filter's
+     * configuration.
      *
      * @namespace
      */
@@ -202,8 +203,13 @@
               //   https://www.drupal.org/node/2567801 lands.
               filterRule.restrictedTags.allowed.attributes =
                 featureRule.required.attributes.slice(0);
-              filterRule.restrictedTags.allowed.classes =
-                featureRule.required.classes.slice(0);
+              if (
+                userAllowedTags[tag] !== undefined &&
+                userAllowedTags[tag].restrictedTags.allowed.classes[0] !== ''
+              ) {
+                filterRule.restrictedTags.allowed.classes =
+                  featureRule.required.classes.slice(0);
+              }
               editorRequiredTags[tag] = filterRule;
             }
             // The tag is already allowed, add any additionally allowed
@@ -214,10 +220,15 @@
                 ...filterRule.restrictedTags.allowed.attributes,
                 ...featureRule.required.attributes,
               ];
-              filterRule.restrictedTags.allowed.classes = [
-                ...filterRule.restrictedTags.allowed.classes,
-                ...featureRule.required.classes,
-              ];
+              if (
+                userAllowedTags[tag] !== undefined &&
+                userAllowedTags[tag].restrictedTags.allowed.classes[0] !== ''
+              ) {
+                filterRule.restrictedTags.allowed.classes = [
+                  ...filterRule.restrictedTags.allowed.classes,
+                  ...featureRule.required.classes,
+                ];
+              }
             }
           }
         }
@@ -343,6 +354,7 @@
     _generateSetting(tags) {
       return Object.keys(tags).reduce((setting, tag) => {
         const rule = tags[tag];
+        const allowedClasses = rule.restrictedTags.allowed.classes;
 
         if (setting.length) {
           setting += ' ';
@@ -357,10 +369,10 @@
         //   values. The filter_html filter always disallows the "style"
         //   attribute, so we only need to support "class" attribute value
         //   restrictions. Fix once https://www.drupal.org/node/2567801 lands.
-        if (rule.restrictedTags.allowed.classes.length) {
-          setting += ` class="${rule.restrictedTags.allowed.classes.join(
-            ' ',
-          )}"`;
+        if (allowedClasses.length === 1 && allowedClasses[0] === '') {
+          setting += ' class';
+        } else if (allowedClasses.length) {
+          setting += ' class="'.concat(allowedClasses.join(' '), '"');
         }
 
         setting += '>';