Loading core/modules/views_ui/src/ViewEditForm.php +3 −2 Original line number Diff line number Diff line Loading @@ -16,6 +16,7 @@ use Drupal\Core\Url; use Drupal\views\Views; use Symfony\Component\DependencyInjection\ContainerInterface; use Symfony\Component\HttpFoundation\Exception\BadRequestException; use Symfony\Component\HttpFoundation\RequestStack; use Symfony\Component\HttpKernel\Exception\NotAcceptableHttpException; use Drupal\Core\Extension\ModuleHandlerInterface; Loading Loading @@ -464,7 +465,7 @@ public function getDisplayDetails($view, $display) { if ($path && (!str_contains($path, '%'))) { // Wrap this in a try/catch as trying to generate links to some // routes may throw a NotAcceptableHttpException if they do not // routes may throw an exception, for example if they do not // respond to HTML, such as RESTExports. try { if (!parse_url($path, PHP_URL_SCHEME)) { Loading @@ -476,7 +477,7 @@ public function getDisplayDetails($view, $display) { $url = Url::fromUri("base:$path"); } } catch (NotAcceptableHttpException $e) { catch (BadRequestException | NotAcceptableHttpException $e) { $url = '/' . $path; } Loading core/modules/views_ui/src/ViewListBuilder.php +3 −2 Original line number Diff line number Diff line Loading @@ -10,6 +10,7 @@ use Drupal\Core\Link; use Drupal\Core\Url; use Symfony\Component\DependencyInjection\ContainerInterface; use Symfony\Component\HttpFoundation\Exception\BadRequestException; use Symfony\Component\HttpKernel\Exception\NotAcceptableHttpException; /** Loading Loading @@ -261,14 +262,14 @@ protected function getDisplaysList(EntityInterface $view) { $path = $display->getPath(); if ($view->status() && !str_contains($path, '%')) { // Wrap this in a try/catch as trying to generate links to some // routes may throw a NotAcceptableHttpException if they do not // routes may throw an exception, for example if they do not // respond to HTML, such as RESTExports. try { // @todo Views should expect and store a leading /. See: // https://www.drupal.org/node/2423913 $rendered_path = Link::fromTextAndUrl('/' . $path, Url::fromUserInput('/' . $path))->toString(); } catch (NotAcceptableHttpException $e) { catch (BadRequestException | NotAcceptableHttpException $e) { $rendered_path = '/' . $path; } } Loading core/modules/views_ui/tests/modules/views_ui_test/config/install/views.view.sa_contrib_2013_035.yml +1 −1 Original line number Diff line number Diff line Loading @@ -183,4 +183,4 @@ display: display_plugin: page position: 2 display_options: path: foobar path: 'foobar ' core/modules/views_ui/tests/src/Functional/XssTest.php +2 −0 Original line number Diff line number Diff line Loading @@ -37,6 +37,8 @@ public function testViewsUi(): void { */ public function testNoDoubleEscaping(): void { $this->drupalGet('admin/structure/views'); $this->assertSession()->pageTextContains('sa_contrib_2013_035'); $this->assertSession()->pageTextContains('Page (/foobar )'); $this->assertSession()->assertNoEscaped('<'); $this->drupalGet('admin/structure/views/view/sa_contrib_2013_035'); Loading Loading
core/modules/views_ui/src/ViewEditForm.php +3 −2 Original line number Diff line number Diff line Loading @@ -16,6 +16,7 @@ use Drupal\Core\Url; use Drupal\views\Views; use Symfony\Component\DependencyInjection\ContainerInterface; use Symfony\Component\HttpFoundation\Exception\BadRequestException; use Symfony\Component\HttpFoundation\RequestStack; use Symfony\Component\HttpKernel\Exception\NotAcceptableHttpException; use Drupal\Core\Extension\ModuleHandlerInterface; Loading Loading @@ -464,7 +465,7 @@ public function getDisplayDetails($view, $display) { if ($path && (!str_contains($path, '%'))) { // Wrap this in a try/catch as trying to generate links to some // routes may throw a NotAcceptableHttpException if they do not // routes may throw an exception, for example if they do not // respond to HTML, such as RESTExports. try { if (!parse_url($path, PHP_URL_SCHEME)) { Loading @@ -476,7 +477,7 @@ public function getDisplayDetails($view, $display) { $url = Url::fromUri("base:$path"); } } catch (NotAcceptableHttpException $e) { catch (BadRequestException | NotAcceptableHttpException $e) { $url = '/' . $path; } Loading
core/modules/views_ui/src/ViewListBuilder.php +3 −2 Original line number Diff line number Diff line Loading @@ -10,6 +10,7 @@ use Drupal\Core\Link; use Drupal\Core\Url; use Symfony\Component\DependencyInjection\ContainerInterface; use Symfony\Component\HttpFoundation\Exception\BadRequestException; use Symfony\Component\HttpKernel\Exception\NotAcceptableHttpException; /** Loading Loading @@ -261,14 +262,14 @@ protected function getDisplaysList(EntityInterface $view) { $path = $display->getPath(); if ($view->status() && !str_contains($path, '%')) { // Wrap this in a try/catch as trying to generate links to some // routes may throw a NotAcceptableHttpException if they do not // routes may throw an exception, for example if they do not // respond to HTML, such as RESTExports. try { // @todo Views should expect and store a leading /. See: // https://www.drupal.org/node/2423913 $rendered_path = Link::fromTextAndUrl('/' . $path, Url::fromUserInput('/' . $path))->toString(); } catch (NotAcceptableHttpException $e) { catch (BadRequestException | NotAcceptableHttpException $e) { $rendered_path = '/' . $path; } } Loading
core/modules/views_ui/tests/modules/views_ui_test/config/install/views.view.sa_contrib_2013_035.yml +1 −1 Original line number Diff line number Diff line Loading @@ -183,4 +183,4 @@ display: display_plugin: page position: 2 display_options: path: foobar path: 'foobar '
core/modules/views_ui/tests/src/Functional/XssTest.php +2 −0 Original line number Diff line number Diff line Loading @@ -37,6 +37,8 @@ public function testViewsUi(): void { */ public function testNoDoubleEscaping(): void { $this->drupalGet('admin/structure/views'); $this->assertSession()->pageTextContains('sa_contrib_2013_035'); $this->assertSession()->pageTextContains('Page (/foobar )'); $this->assertSession()->assertNoEscaped('<'); $this->drupalGet('admin/structure/views/view/sa_contrib_2013_035'); Loading
