Problem/Motivation

Upgrade and extend the Mediaflow contrib module on the Drupal 10/11 stack. Work covers (1) fixing the critical bugs that block media import/save, (2) replacing the exposed MFP key with a secure token flow and tightening CSP, and (3) exposing Mediaflow assets directly inside Media Library and Gutenberg so editors can pick images/videos without leaving the editor.

Remaining tasks

Scope

  • Scope of fixes – address the open issues on drupal.org (form reload #3504791, credential exposure #3504798, malformed entity #3504810, node-save exception #3504827) plus coding-standards cleanup #3516623.
  • Security – swap hard-coded key for token-based requests and whitelist Mediaflow domains in CSP (api.mediaflow.com, files.mediaflow.com, play.mediaflowpro.com, mfstatic.com, *.inviewer.se).
  • Compatibility – ensure clean install on Drupal 10.x and readiness for Drupal 11; add static testing.
  • Editor experience – register a Mediaflow browser in Media Library and a Gutenberg block that supports caption, alignment, and size controls.

Issue fork mediaflow-3536769

Command icon Show commands

Start within a Git clone of the project using the version control instructions.

Or, if you do not have SSH keys set up on git.drupalcode.org:

Comments

oleksandr yushchenko created an issue. See original summary.

oleksandr yushchenko’s picture

Category: Task » Plan

mediaflow’s picture

Version: 1.0.x-dev » 2.0.0
Status: Active » Fixed

Merged to 2.0.0, released Dec 17 2025.

Now that this issue is closed, review the contribution record.

As a contributor, attribute any organization that helped you, or if you volunteered your own time.

Maintainers, credit people who helped resolve this issue.

mediaflow’s picture

Status: Fixed » Closed (fixed)