Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Follow-up to #2506445: Replace !placeholder with @placeholder in t() and format_string() for non-URLs in tests
Problem/Motivation
First step of #2506427: [meta] !placeholder causes strings to be escaped and makes the sanitization API harder to understand.
Proposed resolution
- Replace
!placeholder
with@placeholder
, informat_string()/SafeMarkup::format()
usage only, excluding those used in URLs or non-html formats.
Bash command to use:
egrep -r '\format_string\(.*\!([a-zA-Z])+' * | grep -v 'href="!' | grep Test.php | grep -v "vendor" | grep -v ".js" | grep -v .css | grep -v "~"
Remaining tasks
TBD
User interface changes
Ideally, fewer completely unexpected double-escaping bugs.
API changes
None.
Comment | File | Size | Author |
---|---|---|---|
#5 | replace_placeholder-2567855-5.patch | 1.78 KB | lauriii |
Comments
Comment #2
xjmComment #3
xjmPostponing on #2506445: Replace !placeholder with @placeholder in t() and format_string() for non-URLs in tests since that one currently includes a bunch of
format_string()
.Comment #4
xjmThis one can start now.
Comment #5
lauriiiThese were the only ones I could find
Comment #6
effulgentsia CreditAttribution: effulgentsia at Acquia commentedNice! I can't find any additional ones either, even with these much more permissive commands:
Comment #7
alexpottCommitted b1c52e8 and pushed to 8.0.x. Thanks!