Magento Asked on December 28, 2021
I recently upgraded from 2.2 to 2.3 but since then I get this on system.log
main.CRITICAL: The following tag(s) are not allowed: img [] []
Thanks 😀
Looks like this was only fixed on the 2.4.x branch and will be available in the 2.4.2 release
For those on 2.3 branch I rolled a patch against 2.3.6 if anyone wants to give that a try
add this to your composer.json
"magento/module-sales": {
"[Remove in 2.4.2] Fixed issue with critical error: The following tag(s) are not allowed": "https://gist.githubusercontent.com/jordanvector/524a39a6bb201bb2a82639c490f5bacd/raw/af439647fc97b6c14f210755f66b41b49650e8de/2.3.6-Fixed-issue-with-critical-error-The-following-tags.patch"
}
Answered by jordanvector on December 28, 2021
I have the same issue, I have identified that it is caused by a registered customer viewing their order
A similar issue to https://github.com/magento/magento2/issues/25738 as @Jared Chu says but the solution for that issue doesn't work for this one
Answered by miller75 on December 28, 2021
I don't have a solution for this but I may have some hints on how to debug this.
The error is logged in the method MagentoFrameworkEscaper::filterProhibitedTags()
: https://github.com/magento/magento2/blob/2.3.5-p1/lib/internal/Magento/Framework/Escaper.php#L456
This private method is called by the escapeHtml
method from the same class.
So this means that there is a call somewhere to $block->escapeHtml($something)
where the parameter ($something
in my example) contains an <img>
tag and it is not allowed.
you can try to log the stacktrace of the error also.
A quick and dirty way of doing it, if you can reproduce this on a dev or staging environment (I don't recommend it for a live environment) is to replace the line mentioned above
$this->getLogger()->critical(
'The following tag(s) are not allowed: ' . implode(', ', $notAllowedTags)
);
with
try {
throw new Exception()
} catch (Exception $e) {
$this->getLogger()->critical(
'The following tag(s) are not allowed: ' . implode(', ', $notAllowedTags) . ' Trace: '. $e->getTraceAsString();
);
}
Answered by Marius on December 28, 2021
Get help from others!
Recent Questions
Recent Answers
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP