Preserve ?render=media-popup when clicking "Edit image" from popup [#2910369]

Steps to reproduce:

* Use Media 7.x-2.11 + WYSIWYG + Media WYSIWYG
* Modify an image (click "Add Image" with image selected in WYSIWYG), media/%fid/format-form will appear in modal iframe
* Click "Edit image"
* Edit image page will appear in popup, but with admin theme header/footer, admin menu inside iframe

Better would be to preserve the ?render=media-popup in the Edit Image link, then we will not see breadcrumb / admin theme elements / admin menu in the edit image page at file/%fid/edit

Before:
before

Current behaviour on clicking "Edit Image":

Comment	File	Size	Author
#2	media-2910369-preserve_render_parameter_on_edit_image.patch	1.88 KB	xurizaemon
#2	7.x-2.x: PHP 7 & MySQL 5.5, D7 60 pass
	media-preserve_render_param-2-improved_behaviour.png	148.68 KB	xurizaemon
	media-preserve_render_param-2-current_behaviour.png	164 KB	xurizaemon
	media-preserve_render_param-1.png	83.9 KB	xurizaemon

Support from Acquia helps fund testing for Drupal Acquia logo

Comments

Comment #1

21 September 2017 at 02:52

xurizaemon created an issue. See original summary.

Comment #2

xurizaemon

he/him

Ōtepoti, Aotearoa 🏝

CreditAttribution: xurizaemon at Catalyst IT commented 21 September 2017 at 02:57

Status:

Active

» Needs review

File	Size
media-2910369-preserve_render_parameter_on_edit_image.patch	1.88 KB
7.x-2.x: PHP 7 & MySQL 5.5, D7 60 pass

Patch attached, here's the improved behaviour.

Screenshots show the modal content only, not the full page.

improved behaviour

Comment #3

joseph.olstad

French

CreditAttribution: joseph.olstad commented 21 September 2017 at 11:52

hmm,

render is already listed as a safe option in media.module . These are cached and pulled from cache, maybe have a look at the way we're using cache_set and cache_get and the options.
There's a simpletest for this you can look at the code.

/* tests/media.test: */
    $retrieved_settings = cache_get('media_options:' . $cid, 'cache_form');

/* media.module */
    // Filter out everything except a whitelist of known safe options.
    $safe_options = array(
      'enabledPlugins',
      'fid',
      'id',
      'multiselect',
      'field',
      'options',
      'plugins',
      'render',
      'types',
      'render_multi_edit_form',
    );

have a look at sa contrib which brought in cache_set and cache_get
https://drupal.org/node/2877316

Comment #4

xurizaemon

he/him

Ōtepoti, Aotearoa 🏝

CreditAttribution: xurizaemon at Catalyst IT commented 21 September 2017 at 22:26

@joseph.olstad, thanks for the quick reply and pointer to [#2877316], I will review that ... but I don't see how that being a "safe option" would preserve the render= parameter when generating that Edit Image button.

To be clear: this behaviour changes when navigating from "Embedding image.jpg" to "Edit image.jpg" in the modal.

Currently the link is generated in modules/media_wysiwyg/includes/media_wysiwyg.pages.inc@180 with:

l(t('Edit file'), 'file/'.$file->fid.'/edit', array('attributes' => array('class' => 'button', 'title' => t('Use for replace file or edit file fields.'))))

The patch above adds 'query' array entry to preserve the render param in button, so the linked form behaves as the current one.

Unless some filter is happening after that l(), or some JS is being applied? (Or, I'm misunderstanding your comment?)

Let me know if this needs to be submitted for 8.x-x.x as well in order to be considered, happy to supply a matching patch for that branch.

Comment #5

joseph.olstad

French

CreditAttribution: joseph.olstad commented 22 September 2017 at 14:18

Status:

Needs review

» Reviewed & tested by the community

ok, the patch looks good , although I haven't actually tested it but I did review it.
shouldn't cause any security issues as the render parameter is already whitelisted.

Comment #6

joseph.olstad

French

CreditAttribution: joseph.olstad commented 22 September 2017 at 14:20

Status:

Reviewed & tested by the community

» Needs review

actually, on second thought, would it be possible to try this patch with media 7.x-2.11?

For what reason are you still running version 2.2? is there a compatibility issue?

Comment #7

xurizaemon

he/him

Ōtepoti, Aotearoa 🏝

CreditAttribution: xurizaemon at Catalyst IT commented 22 September 2017 at 20:04

Issue summary:

View changes

My mistake, should have said 2.11 in the description. Patch is against 2.x-dev and tested against 2.11.

Comment #8

joseph.olstad

French

CreditAttribution: joseph.olstad commented 24 September 2017 at 13:43

Status:

Needs review

» Reviewed & tested by the community

Comment #9

joseph.olstad

French

CreditAttribution: joseph.olstad commented 3 October 2017 at 20:59

on the radar for commit soon

Comment #10

9 October 2017 at 13:38

joseph.olstad committed ca7d68c on 7.x-3.x authored by xurizaemon

Issue #2910369 by xurizaemon: Preserve ?render=media-popup when clicking...

Comment #11

9 October 2017 at 13:38

joseph.olstad committed ca7d68c on 7.x-2.x authored by xurizaemon

Issue #2910369 by xurizaemon: Preserve ?render=media-popup when clicking...

Comment #12

joseph.olstad

French

CreditAttribution: joseph.olstad commented 9 October 2017 at 13:39

Status:

Reviewed & tested by the community

» Fixed

Thanks @xurizaemon, keep 'em comming.

Comment #13

23 October 2017 at 13:39

Status:

Fixed

» Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.

Preserve ?render=media-popup when clicking "Edit image" from popup

Comments

Comment #1

Comment #2

Comment #3

Comment #4

Comment #5

Comment #6

Comment #7

Comment #8

Comment #9

Comment #10

Comment #11

Comment #12

Comment #13

Thank you to these Drupal contributors

News items

Our community

Documentation

Drupal code base

Governance of community