Like the title says.

I'm not seeing where it'd actually be used for escaping the JS. Serving XHTML as application/xml never took off because (thanks to?) IE.

Support from Acquia helps fund testing for Drupal Acquia logo

Comments

Status: Needs review » Needs work

The last submitted patch, core-base-remove-CDATA-esc.patch, failed testing.

geek-merlin’s picture

Issue summary: View changes
Status: Needs work » Closed (duplicate)
akalata’s picture

Component: base system » theme system
Category: Bug report » Task
Status: Closed (duplicate) » Needs work

This was incorrectly marked as a duplicate; the referenced issue fixed incorrect auto-escaping, where this issue is about removing CDATA statements completely.

RainbowArray’s picture

Nice writeup on CSS Tricks: https://css-tricks.com/the-script-tag/.

Unless somebody is using Drupal 8 to create an XHTML site, which they should not be doing, we do not need CDATA.

akalata’s picture

Status: Needs work » Needs review
FileSize
1.29 KB

Status: Needs review » Needs work

The last submitted patch, 5: 2120113-5.patch, failed testing.

akalata’s picture

From YesCT: ag CDATA core --ignore="core/vendor" --ignore="test" --ignore="*Test.php" --ignore="*.js" might be a good way to search for CDATA, though we do need to allow Test files.

harjotsingh’s picture

Status: Needs work » Needs review
FileSize
2.75 KB


CDATA is found in
/core/lib/Drupal/Core/Asset/JsCollectionRenderer.php
and
core/lib/Drupal/Component/Utility/Html.php

Status: Needs review » Needs work

The last submitted patch, 8: xhtml_is_not_a_thing-2120113-8.diff, failed testing.

nlisgo’s picture

Status: Needs work » Needs review
FileSize
3.72 KB
5.94 KB

Status: Needs review » Needs work

The last submitted patch, 10: xhtml_is_not_a_thing-2120113-10.patch, failed testing.

nlisgo’s picture

Status: Needs work » Needs review
FileSize
1.29 KB
nlisgo’s picture

I got a bit carried away on my path in #10. The scope of this issue is to remove CDATA tags from inline CSS/JS.

Status: Needs review » Needs work

The last submitted patch, 12: xhtml_is_not_a_thing-2120113-12.patch, failed testing.

nod_’s picture

Status: Needs work » Closed (duplicate)
joelpittet’s picture

@nod_ are you sure? That issue looks like it's adding CDATA stuff not removing it.

I was just made aware of this issue this morning.

RainbowArray’s picture

Looking at the patch on #2510104, it does look like it got rid of the same CDATA lines we were trying to get rid of here.

joelpittet’s picture

Status: Closed (duplicate) » Needs review

Re-opening must have been a mistake.

YesCT’s picture

YesCT’s picture

Status: Needs review » Closed (duplicate)

so #2550467: Remove #value_prefix and #value_suffix from HtmlTag is doing more, but also doing what this was going to do.
marking duplicate.

(might be good to credit the people who worked on this there.)

alexpott’s picture

Note that the wrapping of drupal settings in JSON was removed by #2510104: Convert drupalSettings from JavaScript to JSON, to allow for CSP in the future and all the code changed in the last patch on this issue was removed in that issue.