Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Problem/Motivation
lib/Drupal/Core/Mail/MailManagerInterface.php: * $message['subject'] = t('Notification from !site', $variables, $options);
lib/Drupal/Core/Mail/MailManagerInterface.php: * $message['body'][] = t("Dear !username\n\nThere is new content available on the site.", $variables, $options);
modules/contact/contact.module: $message['subject'] .= t('[!form] !subject', $variables, $options);
modules/contact/contact.module: $message['body'][] = t("!sender-name (!sender-url) sent a message using the contact form at !form-url.", $variables, $options);
modules/contact/contact.module: $message['subject'] .= t('[!form] !subject', $variables, $options);
modules/contact/contact.module: $message['subject'] .= t('[!site-name] !subject', $variables, $options);
modules/contact/contact.module: $message['body'][] = t('Hello !recipient-name,', $variables, $options);
modules/contact/contact.module: $message['body'][] = t("!sender-name (!sender-url) has sent you a message via your contact form at !site-name.", $variables, $options);
modules/contact/contact.module: $message['body'][] = t("If you don't want to receive such emails, you can change your settings at !recipient-edit-url.", $variables, $options);
modules/contact/src/MailHandler.php: $sender_cloned->name = $this->t('!name (not verified)', array('!name' => $message->getSenderName()));
modules/update/update.module: $message['subject'] .= t('New release(s) available for !site_name', array('!site_name' => \Drupal::config('system.site')->get('name')), array('langcode' => $langcode));
modules/update/update.module: $message['body'][] = t('Your site is currently configured to send these emails when any updates are available. To get notified only for security updates, !url.', array('!url' => $settings_url));
modules/update/update.module: $message['body'][] = t('Your site is currently configured to send these emails only when security updates are available. To get notified for any available updates, !url.', array('!url' => $settings_url));
Proposed resolution
* htmlToText already converts to txt
* Email subjects needs to remove all html.
Beta phase evaluation
Remaining tasks
User interface changes
Ideally, fewer completely unexpected double-escaping bugs.
API changes
None.
Comment | File | Size | Author |
---|---|---|---|
#17 | 2572597-17.patch | 10.98 KB | alexpott |
#17 | 12-17-interdiff.txt | 875 bytes | alexpott |
#12 | 2572597-12.patch | 10.98 KB | alexpott |
#12 | 9-12-interdiff.txt | 914 bytes | alexpott |
#9 | 2572597-9.patch | 10.09 KB | alexpott |
Comments
Comment #2
alexpottThis is a duplicate of #2509218: Ensure that SafeString objects can be used in non-HTML contexts
Comment #3
alexpottActually let's postpone this on #2509218: Ensure that SafeString objects can be used in non-HTML contexts since the patch there is not addressing this.
Comment #4
BerdirComment #5
bircherComment #6
bircher@replace escapes the markup, so we need to un-escape it again before using it.
Comment #7
alexpottThis can now be done - we need to convert the html to plain text in PhpMail - we also need to document how mail's handle the their context.
Comment #8
alexpottComment #9
alexpottSo looking at
MailFormatHelper::htmlToText()
I don't think there is anything we need to do with email bodies.I think it might be nice to document what we do to email subject.
Comment #10
lauriiiMailFormatHelper::htmlToText()
seems to know what its doing..The patch is RTBC for me.
Comment #11
alexpottGoing to document the behaviour.
Comment #12
alexpottAdded some docs.
Comment #13
dawehnerIt feels a little bit bad to not exlicitly document what 'body' does, but we don't change it as part of the patch.
Comment #14
dawehnerComment #15
stefan.r CreditAttribution: stefan.r commentedRTBC++
Comment #16
lauriiiRTBC++
Comment #17
alexpottMinor fix to the comment.
Comment #19
catchCommitted/pushed to 8.0.x, thanks!
Comment #20
BerdirI don't think that mail subjects should be run through strip_tags(), see #2575791: Mail subject should not be run through strip_tags() as a follow-up.