Problem/Motivation

I didn't check this, but logically wise, the LocalTracker shouldn't be able to track ad_content entities, since "ad-content" just throws all the informations under the "ads" query parameter, so when "ad_context" is filled through:

'ad_context' => $this->requestStack->getCurrentRequest()->query->all(),

We only have the "ads" query parameter, but "trackImpression" in LocalTracker is looking for other query keys, that don't exist (but should):

'url' => $context['url'],
'page_title' => $context['page_title'] ?? '',
'referrer' => $context['referrer'],

I am not even sure if it is a good idea to pass an url as a query parameter, but at least we escape it before through #3577478: "&" and probably other special characters inside site title causes ad to disappear, so it should be fine...

That is also the issue where this problem was found

Steps to reproduce

Proposed resolution

Remaining tasks

User interface changes

API changes

Data model changes

CommentFileSizeAuthor
#4 screenshot-2026-03-06 12_23_14.png8.54 KBgrevil
#4 screenshot-2026-03-06 12_01_40.png3.01 KBgrevil

Issue fork ad-3577496

Command icon Show commands

Start within a Git clone of the project using the version control instructions.

Or, if you do not have SSH keys set up on git.drupalcode.org:

About issue forks

Comments

grevil created an issue. See original summary.

grevil opened merge request !44

grevil’s picture

grevil commented
Related issues: +#3577478: "&" and probably other special characters inside site title causes ad to disappear
grevil’s picture

grevil commented
Status: Active » Needs review
StatusFileSize
new screenshot-2026-03-06 12_01_40.png3.01 KB
new screenshot-2026-03-06 12_23_14.png8.54 KB

Alright, this fixes the issue and cleans up the request query paramerts (and therfore the "ad_context").

The "ad_context" before the change (Everything crammed into this one query paraemter and tracker not being able to extract data):
screenshot

The "ad_context" after the change (Everything cleaned up nicely):
screenshot2

@anybody, NOTE, that "URLSearchParams" automatically URL-encodes everything natively! So no need for "encodeURIComponent" anymore!

Everything works great and as expected!

anybody’s picture

anybody
Primary language German
Location Porta Westfalica
commented
Assigned: Unassigned » anybody
anybody’s picture

anybody
Primary language German
Location Porta Westfalica
commented

@grevil thanks, regarding all these points we also need to be very careful about security.

Would be great to have tests for the trackers to ensure they work as expected, unsure if that's easy or complex... Budget is very limited.

anybody’s picture

anybody
Primary language German
Location Porta Westfalica
commented
Assigned: anybody » grevil
Status: Needs review » Needs work

Left a comment on the MR, I think you'll see the risk

grevil’s picture

grevil commented
Assigned: grevil » anybody
Status: Needs work » Needs review

Commented.

anybody’s picture

anybody
Primary language German
Location Porta Westfalica
commented

@grevil let's fix this here.

anybody’s picture

anybody
Primary language German
Location Porta Westfalica
commented
Assigned: anybody » Unassigned
Status: Needs review » Reviewed & tested by the community

I like the hardening, thanks! RTBC

  • anybody committed a0f7545e on 11.x authored by grevil 
    feat: #3577496 Fix LocalTracker not actually tracking anything
anybody’s picture

anybody
Primary language German
Location Porta Westfalica
commented
Status: Reviewed & tested by the community » Fixed

Merged!

Now that this issue is closed, review the contribution record.

As a contributor, attribute any organization that helped you, or if you volunteered your own time.

Maintainers, credit people who helped resolve this issue.

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.