Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.Problem/Motivation
When rendering a twig markup field, the module
* first pipes the twig through a HTML text filter
* only then evaluates twig
See code: https://git.drupalcode.org/project/markup_twig/-/blob/8.x-1.x/markup_twi...
This has some bad consequences:
1) The filter does not see dynamically inserted HTML (e.g. you rely on email obfuscation but the email that twig inserts is not processed)
2) The filter may cough as it sees the twig template which in general is invalid HTML
2a) This break may happen unexpected when updating text format filters
3) Twig may break due to some filter results being invalid twig
3a) This break may happen unexpected when adding some new content
I experienced 2) and 3) in #3150347-6: WSOD and Notices
Proposed resolution
Move the check_markup after executing twig in a #post_render callback.
| Comment | File | Size | Author |
|---|---|---|---|
| #2 | markup-twig-3153205-2-filtering-twig-breaks-sites.multi_.patch | 9.62 KB | geek-merlin |
Comments
Comment #2
geek-merlinPatch flying in that fixes the issue for me.
This multipatch has one prequel that moves helper functions into a helper class that we then need anyway to implement TrustedCallbackInterface.
Comment #3
anybodyHi Axel,
thanks a lot for your effort on this! Great work, I just reviewed it and committed to dev. Let's see if it works well or issues pop up, otherwise we may create a new stable release soon.
Thanks a lot!
Comment #5
anybodyComment #6
geek-merlinGreat. Feel free to ping me if something comes up.
Comment #7
geek-merlinOops, it seems the MarkupTwigHelpers class from the patch has been forgotten to add. Updating will break without this.
Comment #9
anybodyDamn sorry... missed "git add ." ...