Problem/Motivation

Lets remove usage of "blacklist" and "whitelist" in file_munge_filename() and its test \Drupal\KernelTests\Core\File\NameMungingTest

They are:

  • An historic bad labelling of people
  • Provide no context: "what is listed in them"?

Proposed resolution

TBD

Remaining tasks

User interface changes

None

API changes

@todo

Data model changes

@todo

Release notes snippet

@todo

CommentFileSizeAuthor
#16 3151087-16.patch2.88 KBrik-dev
#13 3151087-13.patch2.81 KBrik-dev
#9 3151087-9.patch3.16 KBrik-dev
#6 3151087-6.patch1.13 KBrik-dev
#4 3151087-2.patch1.12 KBrik-dev
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

alexpott created an issue. See original summary.

alexpott’s picture

alexpott
he/they
Primary language English
Location 🇪🇺🌍
CreditAttribution: alexpott at Acro Commerce, Thunder commented
Issue tags: +Novice
Parent issue: » #2993575: Remove usage of "blacklist", "whitelist", use better terms instead
alexpott’s picture

alexpott
he/they
Primary language English
Location 🇪🇺🌍
CreditAttribution: alexpott at Acro Commerce, Thunder commented
Issue summary: View changes
rik-dev’s picture

rik-dev CreditAttribution: rik-dev at DevBranch commented
Status: Active » Needs review
FileSize
3151087-2.patch1.12 KB
alexpott’s picture

alexpott
he/they
Primary language English
Location 🇪🇺🌍
CreditAttribution: alexpott at Acro Commerce, Thunder commented
Issue summary: View changes
Status: Needs review » Needs work

This is looking pretty good. I think we can make a further improvement:

+++ b/core/includes/file.inc
@@ -185,7 +185,7 @@ function file_munge_filename($filename, $extensions, $alerts = TRUE) {
-    $whitelist = array_unique(explode(' ', strtolower(trim($extensions))));
+    $allowlist = array_unique(explode(' ', strtolower(trim($extensions))));

Let's change this to describe what is in the list. I.e. $allowed_extensions

Plus I checked and we can fix the related test too - \Drupal\KernelTests\Core\File\NameMungingTest

I've checked usages in core of file_munge_filename() and I can't see anything else to change.

rik-dev’s picture

rik-dev CreditAttribution: rik-dev at DevBranch commented
Status: Needs work » Needs review
FileSize
3151087-6.patch1.13 KB
Matroskeen’s picture

Matroskeen
Primary language Ukrainian
Location 🇺🇦 Ukraine, Lutsk
CreditAttribution: Matroskeen at DevBranch, Drupal Ukraine Community commented
Status: Needs review » Needs work

Please take a look into #5 regarding related test - \Drupal\KernelTests\Core\File\NameMungingTest

dww’s picture

dww
we/he/they
CreditAttribution: dww as a volunteer commented
Title: Replace use of whitelist/blacklist in file_munge_filename() » Replace use of whitelist/blacklist in file_munge_filename() and its tests

Huge +1 to this effort. Long overdue!

As someone far too familiar with file_munge_filename(), I can safely say that part of the change is ready. But great catch in #7 for also fixing the test(s). I checked core/modules/file/tests/src/* and didn't find anything else that needs help. So yeah, I think it's just core/tests/Drupal/KernelTests/Core/File/NameMungingTest.php

Thanks!
-Derek

rik-dev’s picture

rik-dev CreditAttribution: rik-dev at DevBranch commented
Status: Needs work » Needs review
FileSize
3151087-9.patch3.16 KB

@alexpott Thanks for review.

dww’s picture

dww
we/he/they
CreditAttribution: dww as a volunteer commented
Status: Needs review » Needs work

@rik-dev: Please get in the habit of uploading an interdiff with your patches. Thanks!

  1. +++ b/core/tests/Drupal/KernelTests/Core/File/NameMungingTest.php
@@ -66,16 +66,16 @@ public function testMungeIgnoreInsecure() {
+   * Allowed extensions are ignored by file_munge_filename().

    If we're changing it anyway, we should probably use:

    "Tests that allowed extensions..."

    since PHPDoc comments are supposed to start with a verb. 

  2. +++ b/core/tests/Drupal/KernelTests/Core/File/NameMungingTest.php
@@ -66,16 +66,16 @@ public function testMungeIgnoreInsecure() {
+    // Declare our allowed extension. The declared extensions should
     // be case insensitive so test using one with a different case.

    The 2nd line can now wrap more words into the previous line.

    Also, maybe start with:

    "Declare that our extension is allowed."

dww’s picture

dww
we/he/they
CreditAttribution: dww as a volunteer commented 
+++ b/core/tests/Drupal/KernelTests/Core/File/NameMungingTest.php
@@ -66,16 +66,16 @@ public function testMungeIgnoreInsecure() {
+    $this->assertSame($munged_name, $this->nameWithUcExt, new FormattableMarkup('The new filename (%munged) matches the original (%original) once the extension has been allowed.', ['%munged' => $munged_name, '%original' => $this->nameWithUcExt]));
...
+    $this->assertSame($munged_name, $this->name, new FormattableMarkup('The new filename (%munged) matches the original (%original) also when the allowed extension is in uppercase.', ['%munged' => $munged_name, '%original' => $this->name]));

While we're touching these lines, we could also completely remove the assertion message and all of new FormattableMarkup() here, too. If so, check if those are the last FormattableMarkup used in this test class, and if so, remove the use statement at the top of the file. But that's perhaps scope creep, so if you ignore this comment, we can clean that up later in some other issue instead.

Thanks,
-Derek

rik-dev’s picture

rik-dev CreditAttribution: rik-dev at DevBranch commented
Assigned: Unassigned » rik-dev
rik-dev’s picture

rik-dev CreditAttribution: rik-dev at DevBranch commented
Status: Needs work » Needs review
FileSize
3151087-13.patch2.81 KB

@dww Thanks for review and thanks a lot of interdiff I didn’t know about this, so will use this in future.

dww’s picture

dww
we/he/they
CreditAttribution: dww as a volunteer commented 
+++ b/core/tests/Drupal/KernelTests/Core/File/NameMungingTest.php
@@ -66,16 +66,16 @@ public function testMungeIgnoreInsecure() {
+    // Declare that our allowed extension. The declared extensions should
     // be case insensitive so test using one with a different case.

Sorry if I wasn't clear, but you missed what I was asking for in #10.2. "Declare that our allowed extension." isn't a sentence. And "be" can wrap into the previous line and still be under 80 chars wide.

This comment should be:

    // Declare that our extension is allowed. The declared extensions should be
    // case insensitive, so test using one with a different case.

Thanks,
-Derek

dww’s picture

dww
we/he/they
CreditAttribution: dww as a volunteer commented
Status: Needs review » Needs work
rik-dev’s picture

rik-dev CreditAttribution: rik-dev at DevBranch commented
Status: Needs work » Needs review
FileSize
3151087-16.patch2.88 KB
dww’s picture

dww
we/he/they
CreditAttribution: dww as a volunteer commented
Status: Needs review » Reviewed & tested by the community

That looks great, thanks!

Would still be useful to see interdiffs for these, but this is small enough I can just re-review each time. But seriously, please make this part of your workflow whenever you upload a new patch to an issue that already has a patch (whether the previous patch was yours or not).

Thanks!
-Derek

p.s. Crediting all the contributors so far...

alexpott’s picture

alexpott
he/they
Primary language English
Location 🇪🇺🌍
CreditAttribution: alexpott at Acro Commerce, Thunder commented
Status: Reviewed & tested by the community » Fixed

Committed and pushed 9eb7a173a2 to 9.1.x and fdedb4e9f5 to 9.0.x and df3e7a5863 to 8.9.x. Thanks!

As there is no API change here I've backported this to 8.9.x to keep code and tests aligned in an important function from the POV of security.

  • alexpott committed 9eb7a17 on 9.1.x 
    Issue #3151087 by rik-dev, dww, alexpott, Matroskeen: Replace use of...

  • alexpott committed fdedb4e on 9.0.x 
    Issue #3151087 by rik-dev, dww, alexpott, Matroskeen: Replace use of...

  • alexpott committed df3e7a5 on 8.9.x 
    Issue #3151087 by rik-dev, dww, alexpott, Matroskeen: Replace use of...

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.