Problem/Motivation
On the user add/edit user form, if the user has the permission "bypass password policies", an error is thrown after typing in the password field, then tabbing to the next element or shifting focus elsewhere in the browser.
TypeError: Argument 1 passed to Drupal\Core\Render\MainContent\AjaxRenderer::renderResponse() must be of the type array, null given, called in /var/www/build/html/core/lib/Drupal/Core/Form/FormAjaxResponseBuilder.php on line 89 in Drupal\Core\Render\MainContent\AjaxRenderer->renderResponse() (line 45 of /var/www/build/html/core/lib/Drupal/Core/Render/MainContent/AjaxRenderer.php).
This appears to happen because the ajax will trigger regardless of the permissions set, but the array it is expecting is only conditionally available provided the user does not have the "bypass password policies" permission.
The error can be seen from the JavaScript console on a browser, or if logging is enabled, it will also show up in the db logs on admin/reports/dblog.
Proposed resolution
Proposed resolution is attached as a patch file. Limit when the ajax event fires based on current user's permissions.
Remaining tasks
Needs review.
User interface changes
None.
API changes
None.
Data model changes
None.
Comment | File | Size | Author |
---|---|---|---|
#10 | ajax-error-password-field-2728843-10.patch | 1.79 KB | sharif.elshobkshy |
#4 | ajax-error-password-field-2728843-4.patch | 2.45 KB | mroycroft |
Comments
Comment #2
mroycroft CreditAttribution: mroycroft at Workday, Inc. commentedComment #3
mroycroft CreditAttribution: mroycroft at Workday, Inc. commentedComment #4
mroycroft CreditAttribution: mroycroft at Workday, Inc. commentedHere is the patch with the proposed fix.
Comment #5
mroycroft CreditAttribution: mroycroft at Workday, Inc. commentedComment #6
mroycroft CreditAttribution: mroycroft at Workday, Inc. commentedComment #8
nerdsteinReviewed, tests run/passed, merged, fixed
Comment #10
sharif.elshobkshy CreditAttribution: sharif.elshobkshy as a volunteer commentedInfinite ajax request causes the browser to crash after adding value in pass1 and tabbing/clicking out. This issue can be reproduced on the Password Reset form.
Fixed in 8.x-3.x-dev but not on latest release (8.x-3.0-alpha4).
Patch/fix for 8.x-3.0-alpha4.