Redirecting to /core/install.php is a great feature for people playing with Drupal as they can quickly understand what's going on.

But on the contrary, it's very bad in production with a (big) database problem ! (Even worse when it falls in the varnish cache hush!) 

I was thinking of a configuration key in backoffice, section "Error pages", but since we have no database, it should be a variable in settings.php.

I would like to have the community opinion first ?

=============================
In Drupal\Core\EventSubscriber\ExceptionDetectNeedsInstallSubscriber :

/**
   * Handles errors for this subscriber.
   *
   * @param \Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent $event
   *   The event to process.
   */
  public function onException(GetResponseForExceptionEvent $event) {
    $exception = $event->getException();
    if ($this->shouldRedirectToInstaller($exception, $this->connection)) {
      // Only redirect if this is an HTML response (i.e., a user trying to view
      // the site in a web browser before installing it).
      $request = $event->getRequest();
      $format = $request->query->get(MainContentViewSubscriber::WRAPPER_FORMAT, $request->getRequestFormat());
      if ($format == 'html') {
        $event->setResponse(new RedirectResponse($request->getBasePath() . '/core/install.php', 302, ['Cache-Control' => 'no-cache']));
      }
    }
  }

Comments

pguillard created an issue. See original summary.

pguillard’s picture

pguillard commented
Issue summary: View changes

Version: 8.9.x-dev » 9.1.x-dev

Drupal 8.9.0-beta1 was released on March 20, 2020. 8.9.x is the final, long-term support (LTS) minor release of Drupal 8, which means new developments and disruptive changes should now be targeted against the 9.1.x-dev branch. For more information see the Drupal 8 and 9 minor version schedule and the Allowed changes during the Drupal 8 and 9 release cycles.

Version: 9.1.x-dev » 9.2.x-dev

Drupal 9.1.0-alpha1 will be released the week of October 19, 2020, which means new developments and disruptive changes should now be targeted for the 9.2.x-dev branch. For more information see the Drupal 9 minor version schedule and the Allowed changes during the Drupal 9 release cycle.

Version: 9.2.x-dev » 9.3.x-dev

Drupal 9.2.0-alpha1 will be released the week of May 3, 2021, which means new developments and disruptive changes should now be targeted for the 9.3.x-dev branch. For more information see the Drupal core minor version schedule and the Allowed changes during the Drupal core release cycle.

Version: 9.3.x-dev » 9.4.x-dev

Drupal 9.3.0-rc1 was released on November 26, 2021, which means new developments and disruptive changes should now be targeted for the 9.4.x-dev branch. For more information see the Drupal core minor version schedule and the Allowed changes during the Drupal core release cycle.

Version: 9.4.x-dev » 9.5.x-dev

Drupal 9.4.0-alpha1 was released on May 6, 2022, which means new developments and disruptive changes should now be targeted for the 9.5.x-dev branch. For more information see the Drupal core minor version schedule and the Allowed changes during the Drupal core release cycle.

Version: 9.5.x-dev » 10.1.x-dev

Drupal 9.5.0-beta2 and Drupal 10.0.0-beta2 were released on September 29, 2022, which means new developments and disruptive changes should now be targeted for the 10.1.x-dev branch. For more information see the Drupal core minor version schedule and the Allowed changes during the Drupal core release cycle.

Version: 10.1.x-dev » 11.x-dev

Drupal core is moving towards using a “main” branch. As an interim step, a new 11.x branch has been opened, as Drupal.org infrastructure cannot currently fully support a branch named main. New developments and disruptive changes should now be targeted for the 11.x branch, which currently accepts only minor-version allowed changes. For more information, see the Drupal core minor version schedule and the Allowed changes during the Drupal core release cycle.

moshe weitzman’s picture

moshe weitzman commented

I agree. This can happen during a database restore, for example. I made a contrib module that resolves this problem until this issue is discussed and developed - https://www.drupal.org/project/prod_no_redirect

greggles’s picture

greggles
he/him
Primary language English
Location Denver, Colorado, USA
commented
Issue tags: +Security

+1

prudloff’s picture

prudloff commented

I agree this should be improved.
We handle this on our websites by restricting access to install.php in Apache config, but a solution that works for everyone would be nice.

catch’s picture

catch
he/him
Primary language English
commented

This makes sense to me and settings.php seems like the right (only) place. We could probably write to it at the same time as writing out to database settings so it's always there on new installs?

catch’s picture

catch
he/him
Primary language English
commented

Just found #3527703: ExceptionDetectNeedsInstallSubscriber should not run on http exceptions too.

Version: 11.x-dev » main

Drupal core is now using the main branch as the primary development branch. New developments and disruptive changes should now be targeted to the main branch.

Read more in the announcement.