Problem/Motivation
When submitting certain forms from inside the overlay the result opens in a new tab instead of in the current page.
Proposed resolution
Use the new function Drupal.overlay.isExternalLink()
added to core in #667012: Remove the opening of external links in a new browser window to more accurately detect external/absolute form actions instead of looking for a leading 'http' or 'https'.
Remaining tasks
(reviews needed, tests to be written or run, documentation to be written, etc.)
User interface changes
none
API changes
none
Original report by ununpentium
I searched issues, but can't determine if this is a dup.
When clicking "save configuration", for instance on the admin/modules or admin/blocks pages, a new browser window appears with overlay removed. I can't find a setting or option related to this.
It seems the usability should 1) keep you in same browser window, and 2) either keep the overlay window up and remain on the particular admin screen, or close it and return the view back to the website.
Comment | File | Size | Author |
---|---|---|---|
#28 | 1082032-overlay-form-external-18.patch | 718 bytes | pwolanin |
#18 | 1082032-overlay-form-external-1-D7-do-not-test.patch | 718 bytes | Alan Evans |
#16 | 1082032-overlay-form-external.1.patch | 738 bytes | Alan Evans |
Comments
Comment #1
Jeff Burnz CreditAttribution: Jeff Burnz commentedCan you add some details such as browser and the admin theme you are using. Sounds odd and not something I have run into - this is certainly not default behavior.
Comment #2
ununpentium CreditAttribution: ununpentium commentedComment #3
go2guys CreditAttribution: go2guys commentedSo I was having this problem too. In my case, it is brought on by Domain Access with the SEO option to always link to content on its source domain turned on.
The offending code is in modules/overlay/overlay-child.js
There are several things wrong with this code.
First of all, checking for http or https in the url is not actually testing if the form is "internal". In my case, domain access was putting http://mydomain.com in front of all urls, even if it wasn't leaving the site. I suspect other SEO modules designed to reduce duplicate search engine content would do the same.
Secondly, a problem which was fixed on another issue, is that it needs to be careful not to pile on additional "render=overlay" values if one is already there.
Lastly, there is no "_new". This is embarrassing. If you want to use target= to open a new tab/window the correct value is "_blank". "_new" is treated just as any other named window such as "kittenmittens", in that subsequent links to target="_new" will reuse the window/tab originally named "_new"
This patch first uses a regular expression to extract the hostname portion of the url, then a couple of tests to eliminate any username/passwords or port numbers. It works across protocols and on protocol independent URLs beginning with //hostname.
I don't have git working so my patch isn't a real git patch, so who knows if it'll work. But it's free for anyone to use and adapt.
Cheers!
Comment #4
bfroehle CreditAttribution: bfroehle commentedComment #5
David_Rothstein CreditAttribution: David_Rothstein commentedThanks for starting the patch!
That issue is already being discussed and worked on at #754578: Overlay adds '&render=overlay' twice to paths, so no need to duplicate it here... unless I'm missing something and it's somehow required to solve this bug too.
I don't think either of these are correct; seems to me like it should be '_parent' instead. See #667012: Remove the opening of external links in a new browser window.
Comment #6
go2guys CreditAttribution: go2guys commentedI wasn't sure what do to about #754578. It is a very important fix, one that I had already implemented on my site, which is how it made it into the diff. I chose to leave it there and point out that it was addressed elsewhere.
I like _parent as well. I wasn't even thinking about what "should" happen, just how it was being implemented.
Comment #7
David_Rothstein CreditAttribution: David_Rothstein commentedI think we should remove the other fix from this patch. It's better to keep separate issues for separate bugs so the fixes can be evaluated separately.
And yeah, the '_parent' change... I wish we had done that as part of #667012: Remove the opening of external links in a new browser window (since it was certainly the intention of that issue that the overlay not open up new browser windows anymore at all). I think I just didn't realize it was in this part of the code also.
From what I remember of that issue, it didn't seem like that big of a bug - just extra stuff in the URL, but it didn't have any major side effects beyond that. However, when that issue was originally filed, it seemed like there was some thought it might have caused other problems. Do you know of specific problems that it causes?
If so, please leave a comment on that issue explaining what they are and how to reproduce - maybe the priority of that bug could be bumped up in that case.
Comment #8
agentrickardIf it helps, I didn't see this behavior until updating to Drupal 7.2.
Comment #9
ksenzeeWe do need a generic function to test if a URL is external or not. I posted a patch today at #1174686-2: Overlay parent improperly opens child overlay on specific external links that adds such a function. Would that be good enough here? If not, let's at least extract the code here into a separate function that could be used elsewhere.
Comment #10
Mark_L6n CreditAttribution: Mark_L6n commentedHaving same problem, triggered same as #3, version 7.14. Glad to at least find out what's triggering this!
Comment #11
Alan Evans CreditAttribution: Alan Evans commentedGiven that ksenzee's patch on #1174686 is now in both D8 and D7, I think the only patch we need for this issue is the one I'm attaching.
Only concentrating on the main issue for now, that certain forms in overlays open in a new window, ignoring the 2 side issues of the "_new" target and multiple render=overlay on urls, which have their own issues.
Note also that this issue is relatively easy to reproduce if you are forcing all your forms to #https=TRUE, because that in effect makes the action an absolute url, even though in most cases it's internal. This trips up on the original check whether there is a http(s) at the beginning of the action url.
I am able to verify that the D7 version of this patch solves my instance of this problem, which was caused by a combination of this issue and forcing all forms to SSL. I haven't yet tested the D8 version posted here due to time constraints.
Comment #12
Alan Evans CreditAttribution: Alan Evans commentedComment #13
Alan Evans CreditAttribution: Alan Evans commentedThis would be the D7 version.
Looking at it now, I'm wondering whether it is more intuitive to invert that condition. Probably doesn't help much.
Comment #13.0
pwolanin CreditAttribution: pwolanin commentedupdating issue summary using the template
Comment #14
dev_halosys CreditAttribution: dev_halosys commented#11: 1082032-overlay-form-external.patch queued for re-testing.
Comment #15
Alan Evans CreditAttribution: Alan Evans commented#11 causes javascript errors - overlay-parent.js isn't included in the overlay child frame, so isExternalLink (in fact the entire Drupal.overlay object) in not defined.
We'd need a way to access this function from both the overlay parent and child - possibly it needs to exist somewhere more generic.
Comment #16
Alan Evans CreditAttribution: Alan Evans commentedSo, the alternatives are:
I'm attaching a patch that does (1). I'm not keen on (3) due to duplication, and (2) doesn't seem entirely necessary if we can guarantee that an overlayChild always has a parent window with a Drupal.overlay object (which sounds like under all reasonable circumstances would be the case).
Comment #17
Alan Evans CreditAttribution: Alan Evans commentedComment #18
Alan Evans CreditAttribution: Alan Evans commentedD7 equivalent patch
Comment #19
irunflower CreditAttribution: irunflower commentedI closed a similar issue, which I think is a duplicate: http://drupal.org/node/1530302
Comment #20
codewatson CreditAttribution: codewatson commentedPatch in #18 seems to be working on my D7 install, I ran into this with the Domain Access module installed which made all form submissions in the overlay open in a new window, but the patch seems to correct the problem.
Comment #21
agentrickardA wonder what other testing is required (or possible) here. Tempted to RTBC.
Comment #22
jordiserra CreditAttribution: jordiserra commentedPatch #18 works for me.
It is possible to commit to D7 core?
Comment #23
Vincent_Jo CreditAttribution: Vincent_Jo commentedPatch in #18 does not work here at same constellation: D7/domain access.
Comment #24
codewatson CreditAttribution: codewatson commented@Vincent_Jo Did you clear your cache after applying #18?
Comment #25
s_leu CreditAttribution: s_leu commentedI can confirm the patch in #18 solves the problem in D7 in combination with the domain access module.
Comment #26
kenheim CreditAttribution: kenheim commentedI have applied the patch in #18, and cleared my cache, but saves on overlay forms still open new windows. I'm using D7.23, Domain Access 7.x-3.10. The problem only occurs when I have " Rewrite all URLs to point to a single source" turned on under Domain Settings. When this SEO setting is turned on I get the exact same result, with or without the patch.
Comment #26.0
kenheim CreditAttribution: kenheim commentedfix issue link
Comment #27
nod_Overlay is dead to D8 #2088121: Remove Overlay.
Comment #28
pwolanin CreditAttribution: pwolanin commentedre-posting Alan's patch form #18 so it runs tests (though it's JS)
Comment #29
Vincent_Jo CreditAttribution: Vincent_Jo commentedHi, I can confirm this comment by kenheim at #26:
Same here.
regards
Vincent
Comment #30
Agogo CreditAttribution: Agogo commentedI want to add my concern here. I have the same problem as #26 and #29. The problem only occurs when I have "Rewrite all URLs to point to a single source" turned on in Domain Access.
Comment #31
timmay CreditAttribution: timmay commentedIn RE #30 - turning off "Rewrite all URLS to point to a single source" in Domain Access configuration worked for me as well.
Thanks!
Comment #32
alvgalrus CreditAttribution: alvgalrus commentedThis isn't fixed when "Rewrite all URLs to point to a single source" is selected in Access Domain as stated by #26, #29 and #30.
Comment #33
1kenthomas CreditAttribution: 1kenthomas as a volunteer and commentedBump. Could this be fixed over in Domain Access? *thinking cap on*
Patch above does seem to work, at least in my use case.