Drupal\views\Plugin\views\area\Result does an unnecessary XSS::adminFilter()

    // Send the output.
    if (!empty($total)) {
      $output .= Xss::filterAdmin(str_replace(array_keys($replacements), array_values($replacements), $format));
    }
    // Return as render array.
    return array(
      '#markup' => $output,
    );

Since we are returning a render array with #markup that is automatically admin filtered.
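The behaviour the summary relies on, as an added example (not code from the issue or its patches): a kernel test showing that the renderer admin-filters `#markup` by itself, so pre-filtering the string changes nothing. The namespace, class name and sample string are hypothetical; `Xss::filterAdmin()`, `#allowed_tags` and the `renderer` service are Drupal core APIs.

```php
<?php

namespace Drupal\Tests\example\Kernel;

use Drupal\Component\Utility\Xss;
use Drupal\KernelTests\KernelTestBase;

/**
 * Added illustration: #markup is admin-filtered when it is rendered.
 *
 * Hypothetical test class; not part of the patch discussed on this page.
 *
 * @group example
 */
class MarkupAdminFilterTest extends KernelTestBase {

  /**
   * {@inheritdoc}
   */
  protected static $modules = ['system'];

  /**
   * Compares rendering with and without an explicit Xss::filterAdmin() call.
   */
  public function testMarkupIsFilteredOnRender() {
    $renderer = $this->container->get('renderer');
    // Constructed sample: a result summary carrying a disallowed element.
    $raw = 'Displaying 1 - 5 of 5 <script>alert(1)</script><em>rows</em>';

    // No explicit filtering: the renderer strips the script tag itself.
    $build = ['#markup' => $raw];
    $rendered = (string) $renderer->renderRoot($build);
    $this->assertSame(Xss::filterAdmin($raw), $rendered);
    $this->assertStringNotContainsString('<script', $rendered);

    // Pre-filtering first, as the old code did, gives identical output.
    $prefiltered = ['#markup' => Xss::filterAdmin($raw)];
    $this->assertSame($rendered, (string) $renderer->renderRoot($prefiltered));

    // #allowed_tags replaces the admin tag list when a stricter set is wanted.
    $strict = ['#markup' => $raw, '#allowed_tags' => ['strong']];
    $this->assertStringNotContainsString('<em>', (string) $renderer->renderRoot($strict));
  }

}
```

The filter removes the disallowed tags but keeps their text content, which is why the assertions check for the tag rather than for the word `alert`.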

Comments

alexpott created an issue. See original summary.

alexpott’s picture

Issue tags: +Novice, +Needs tests
alx_benjamin’s picture

Attached file: status new, size 653 bytes

Let's see if this will pass testing

-------------------------------------------------
Sponsored by http://reallifedesign.co.uk/

alx_benjamin’s picture

Status: Active » Needs work
alx_benjamin’s picture

Status: Needs work » Needs review
dawehner’s picture

Perfect. As a test you should probably try to write a unit test, given that the end result on the page will be the same.

alx_benjamin’s picture

Assigned: Unassigned » alx_benjamin

Writing test

alx_benjamin’s picture

Attached file: status new, size 1.68 KB

Hope this is a right test.

alx_benjamin’s picture

Assigned: alx_benjamin » Unassigned
dawehner’s picture

Status: Needs review » Needs work
+++ b/core/modules/views/src/Tests/Plugin/PluginResultTest.php
@@ -0,0 +1,34 @@
+ * @group views
+ */
+class PluginResultTest extends PluginTestBase {
+
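Review bot: the class name PluginResultTest, together with the Tests/Plugin location, does not say which plugin is exercised; since the change concerns the area Result handler, a name such as AreaResultTest would make the coverage obvious. The visible class docblock carries only @group views, so add a one-line summary of what the test verifies.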

MH actually the test should somehow use the result plugin, so what about exporting a view that has it used?

vasi’s picture

I'd like to help with this, but I'm not sure how. I guess I'd have to enable views_test_config and update it? But I'm not sure how to enable it.

vasi’s picture

Status: Needs work » Needs review
Attached files: status new, size 2.99 KB; status new, size 3.4 KB

Ok, I figured something out, using some gross code to set things up so I could build my view. (The patch itself is clean.) I'd appreciate if someone can provide better docs on how to do this in the future!

Status: Needs review » Needs work

The last submitted patch, 12: interdiff-2569381-8-12.patch, failed testing.

deepakaryan1988’s picture

Assigned: Unassigned » deepakaryan1988
deepakaryan1988’s picture

Assigned: deepakaryan1988 » Unassigned
Status: Needs work » Needs review
Attached files: status new, size 2.99 KB; status new, size 2.88 KB
duaelfr’s picture

Issue tags: -Novice, -Needs tests

Untagging because at this state of the issue, tests have been written. Plus, reviewing that kind of issue is not a novice task as we cannot have any steps to reproduce and as we cannot do manual testing.

Version: 8.0.x-dev » 8.1.x-dev

Drupal 8.0.6 was released on April 6 and is the final bugfix release for the Drupal 8.0.x series. Drupal 8.0.x will not receive any further development aside from security fixes. Drupal 8.1.0-rc1 is now available and sites should prepare to update to 8.1.0.

Bug reports should be targeted against the 8.1.x-dev branch from now on, and new development or disruptive changes should be targeted against the 8.2.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

Version: 8.1.x-dev » 8.2.x-dev

Drupal 8.1.9 was released on September 7 and is the final bugfix release for the Drupal 8.1.x series. Drupal 8.1.x will not receive any further development aside from security fixes. Drupal 8.2.0-rc1 is now available and sites should prepare to upgrade to 8.2.0.

Bug reports should be targeted against the 8.2.x-dev branch from now on, and new development or disruptive changes should be targeted against the 8.3.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

Version: 8.2.x-dev » 8.3.x-dev

Drupal 8.2.6 was released on February 1, 2017 and is the final full bugfix release for the Drupal 8.2.x series. Drupal 8.2.x will not receive any further development aside from critical and security fixes. Sites should prepare to update to 8.3.0 on April 5, 2017. (Drupal 8.3.0-alpha1 is available for testing.)

Bug reports should be targeted against the 8.3.x-dev branch from now on, and new development or disruptive changes should be targeted against the 8.4.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

duaelfr’s picture

Version: 8.3.x-dev » 8.4.x-dev
Attached file: status new, size 3.03 KB

Simple reroll on 8.4.x to see what happens.

duaelfr’s picture

Issue tags: +seville2017
duaelfr’s picture

Issue tags: -seville2017 +DevDaysSeville

Wrong tag, sorry

lendude’s picture

Massively overlaps with #2782221: Result summary Area plugin not displayed when there is no result., not that we should combine the two, but when one lands the other needs to do some refactoring to combine the tests.

lendude’s picture

Bit of nitpicking:

  1. +++ b/core/modules/views/src/Tests/Handler/AreaResultTest.php
    @@ -0,0 +1,42 @@
    +/**
    + * @file
    + * Contains \Drupal\views\Tests\Handler\AreaResultTest.
    + */
    

    We don't do @file anymore right?

  2. +++ b/core/modules/views/src/Tests/Handler/AreaResultTest.php
    @@ -0,0 +1,42 @@
    +  /**
    +   * Views used by this test.
    +   *
    +   * @var array
    +   */
    

    can just use an {@inheritdoc}

  3. +++ b/core/modules/views/src/Tests/Handler/AreaResultTest.php
    @@ -0,0 +1,42 @@
    +  public static $testViews = array('test_area_result');
    

    array() => []

Munavijayalakshmi’s picture

Attached files: status new, size 2.91 KB; status new, size 799 bytes

Made changes as per the comment #25. Applying the patch, please review.

lendude’s picture

Missed some nitpicks the first time, sorry:

  1. +++ b/core/modules/views/src/Tests/Handler/AreaResultTest.php
    @@ -0,0 +1,35 @@
    +class AreaResultTest extends ViewKernelTestBase {
    +  /**
    

    Needs a newline.

  2. +++ b/core/modules/views/src/Tests/Handler/AreaResultTest.php
    @@ -0,0 +1,35 @@
    +  public function testAreaResult() {
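Review bot: testAreaResult() should assert on more than the plain summary text. With the explicit Xss::filterAdmin() call removed, this test is what proves the #markup render path still filters the result content, so configure the area content with a disallowed element (a script tag, say) and assert that it is absent from the rendered output. The visible lines show only the method signature, so if that assertion already exists, say so in the method docblock.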
    

    every method needs a docblock

Version: 8.4.x-dev » 8.5.x-dev

Drupal 8.4.0-alpha1 will be released the week of July 31, 2017, which means new developments and disruptive changes should now be targeted against the 8.5.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

Version: 8.5.x-dev » 8.6.x-dev

Drupal 8.5.0-alpha1 will be released the week of January 17, 2018, which means new developments and disruptive changes should now be targeted against the 8.6.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

Version: 8.6.x-dev » 8.7.x-dev

Drupal 8.6.0-alpha1 will be released the week of July 16, 2018, which means new developments and disruptive changes should now be targeted against the 8.7.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

Version: 8.7.x-dev » 8.8.x-dev

Drupal 8.7.0-alpha1 will be released the week of March 11, 2019, which means new developments and disruptive changes should now be targeted against the 8.8.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

Version: 8.8.x-dev » 8.9.x-dev

Drupal 8.8.0-alpha1 will be released the week of October 14th, 2019, which means new developments and disruptive changes should now be targeted against the 8.9.x-dev branch. (Any changes to 8.9.x will also be committed to 9.0.x in preparation for Drupal 9’s release, but some changes like significant feature additions will be deferred to 9.1.x.). For more information see the Drupal 8 and 9 minor version schedule and the Allowed changes during the Drupal 8 and 9 release cycles.

Version: 8.9.x-dev » 9.1.x-dev

Drupal 8.9.0-beta1 was released on March 20, 2020. 8.9.x is the final, long-term support (LTS) minor release of Drupal 8, which means new developments and disruptive changes should now be targeted against the 9.1.x-dev branch. For more information see the Drupal 8 and 9 minor version schedule and the Allowed changes during the Drupal 8 and 9 release cycles.

Version: 9.1.x-dev » 9.2.x-dev

Drupal 9.1.0-alpha1 will be released the week of October 19, 2020, which means new developments and disruptive changes should now be targeted for the 9.2.x-dev branch. For more information see the Drupal 9 minor version schedule and the Allowed changes during the Drupal 9 release cycle.

Version: 9.2.x-dev » 9.3.x-dev

Drupal 9.2.0-alpha1 will be released the week of May 3, 2021, which means new developments and disruptive changes should now be targeted for the 9.3.x-dev branch. For more information see the Drupal core minor version schedule and the Allowed changes during the Drupal core release cycle.

init90’s picture

Issue tags: -DevDaysSeville +Bug Smash Initiative
Attached file: status new, size 2.72 KB

I've found that issue as a random bug from - https://lendude.gitlab.io/bug-smash-initiative/

lendude’s picture

Status: Needs review » Needs work

Refactored test coverage looks good, could you upload a test-only file to make sure the test still covers the bug?

init90’s picture

Status: Needs work » Needs review
Attached file: status new, size 2.77 KB

Of course, here is a test only patch

lendude’s picture

Status: Needs review » Reviewed & tested by the community
Attached file: status new, size 2.72 KB

@init90 thanks! As you pointed out to me on slack, we don't have a 'fail' here because we are only removing a double clean up, so we only need the test that proves it stays working, which we do.

Ok, so this looks ready. Re-upping the patch with the fix so the right one gets queued for retesting and it is clear which one I'm RTBC'ing.

alexpott’s picture

Status: Reviewed & tested by the community » Fixed

Committed and pushed f5fdfe3165 to 9.4.x and 16d107539f to 9.3.x. Thanks!

Backported to 9.3.x as a tested and simple bug fix.

  • alexpott committed f5fdfe3 on 9.4.x
    Issue #2569381 by alx_benjamin, init90, vasi, deepakaryan1988,...

  • alexpott committed 16d1075 on 9.3.x
    Issue #2569381 by alx_benjamin, init90, vasi, deepakaryan1988,...

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.