\Drupal\system\Controller\ThemeController::willInstallExperimentalTheme() prevents code from reaching the theme was not found errors [#3572785]

Problem/Motivation

If the theme query parameter contains a theme that does not exist the \Drupal\system\Controller\ThemeController should error with theme not found but when we added \Drupal\system\Controller\ThemeController::willInstallExperimentalTheme() we broke this because this expects theme to exist but $theme is user input (from the url query param) so this needs to be hardened.

Steps to reproduce

Copy a url to install a theme or set it as default and manipulate the theme value to be one that does not exist.

Proposed resolution

return FALSE from \Drupal\system\Controller\ThemeController::willInstallExperimentalTheme() if the theme does not exist.

Remaining tasks

User interface changes

None

Introduced terminology

N/a

API changes

None

Data model changes

None

Release notes snippet

N/a

Issue fork drupal-3572785

Show commands

Start within a Git clone of the project using the version control instructions.

Add & fetch this issue fork’s repository

Or, if you do not have SSH keys set up on git.drupalcode.org:

Add & fetch this issue fork’s repository

1 hidden branch

3572785-drupalsystemcontrollerthemecontrollerwillinstallexperimentaltheme-prevents-code

changes, plain diff MR !14727

Check out this branch for the first time

Check out existing branch, if you already have it locally

About issue forks

Comments

Comment #1

11 February 2026 at 10:31

alexpott created an issue. See original summary.

Comment #2

alexpott

he/they

English

🇪🇺🌍

commented 11 February 2026 at 10:37

Status:

Active

» Needs review

I think this change might be simple enough to fall under the no test needed.

Comment #3

11 February 2026 at 10:39

alexpott opened merge request !14727

Comment #4

borisson_

Dutch

Mechelen, 🇧🇪

commented 11 February 2026 at 14:07

Status:

Needs review

» Reviewed & tested by the community

I agree, this change is very simple.

Comment #5

10 March 2026 at 11:20

catch committed 8be1747d on 11.3.x

fix: #3572785 \Drupal\system\Controller\ThemeController::...

Comment #6

10 March 2026 at 11:20

catch committed e295bf68 on 11.x

fix: #3572785 \Drupal\system\Controller\ThemeController::...

Comment #7

10 March 2026 at 11:20

catch committed 00727647 on main

fix: #3572785 \Drupal\system\Controller\ThemeController::...

Comment #8

catch

he/him

English

commented 10 March 2026 at 11:20

Version:	main	» 11.3.x-dev
Status:	Reviewed & tested by the community	» Fixed

Committed/pushed to main, 11.x and 11.3.x, thanks!

Comment #9

10 March 2026 at 11:20

Now that this issue is closed, review the contribution record.

As a contributor, attribute any organization that helped you, or if you volunteered your own time.

Maintainers, credit people who helped resolve this issue.

Comment #10

10 March 2026 at 11:21

catch closed merge request !14727

Comment #11

24 March 2026 at 11:25

Status:

Fixed

» Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.

\Drupal\system\Controller\ThemeController::willInstallExperimentalTheme() prevents code from reaching the theme was not found errors

Problem/Motivation

Steps to reproduce

Proposed resolution

Remaining tasks

User interface changes

Introduced terminology

API changes

Data model changes

Release notes snippet

Issue fork drupal-3572785

Comments

Comment #1

Comment #2

Comment #3

Comment #4

Comment #5

Comment #6

Comment #7

Comment #8

Comment #9

Comment #10

Comment #11

News items

Our community

Documentation

Drupal code base

Governance of community