Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
There is a @todo in the code that was added to Drupal 8 to fix https://www.drupal.org/SA-CORE-2017-003:
// @todo - implement \Symfony\Component\DependencyInjection\ContainerInterface
// so that services can be more properly injected.
$allowed_temp_files = \Drupal::service('session')->get('allowed_temp_files', []);
This issue is for resolving that @todo.
Comment | File | Size | Author |
---|---|---|---|
#8 | 2888581-8.patch | 2.51 KB | xjm |
#2 | increment-sdo-104243-41-D8.txt | 2.51 KB | David_Rothstein |
Comments
Comment #2
David_Rothstein CreditAttribution: David_Rothstein as a volunteer commentedAn earlier version of the private security patch did this already, but it was removed as it was felt not appropriate for 8.3.x as part of a security release.
Here is the interdiff that removed that. It's possible that just adding this back is enough to fix this issue - I'm not sure.
Comment #5
David_Rothstein CreditAttribution: David_Rothstein as a volunteer commentedCrediting the people who worked on that part of the patch.
Comment #7
xjmComment #8
xjmAs a patch file for CI.