Drupal Release: 7.81

TL;DR

Drupal 7.81 is a maintenance release that focuses on security, performance, and accessibility improvements. It includes a significant security enhancement to block Google FLoC tracking, several performance optimizations for node access and WebTestCase, and numerous accessibility fixes. This release also addresses critical bugs in menu handling, particularly for large menus and unpublished content.

This update is important because it strengthens privacy protections, improves site performance, and enhances accessibility compliance. Site administrators should upgrade to ensure their sites remain secure and performant while meeting modern web standards.

Highlight of the Release

• Added Permissions-Policy header to block Google FLoC tracking, enhancing user privacy
• Fixed critical menu handling issues, including reordering failures with large menus (100+ items)
• Improved WebTestCase performance by approximately 50%
• Optimized node access query building for better performance
• Enhanced accessibility with ARIA attributes and form improvements

Migration Guide

This maintenance release does not require any specific migration steps. Standard update procedures apply:

1. Back up your database and site files before updating
2. Put your site into maintenance mode
3. Update Drupal core files
4. Run the update script by visiting /update.php
5. Take your site out of maintenance mode

The changes in this release are primarily bug fixes and performance improvements that should not affect existing functionality. However, if you have custom code that interacts with menu handling or node access, you may want to test those features after updating.

Upgrade Recommendations

This release contains important security enhancements, performance improvements, and bug fixes. All sites running Drupal 7.80 should upgrade to Drupal 7.81.

The upgrade is particularly important for:

• Sites concerned about user privacy (Google FLoC blocking)
• Sites with large menus (100+ items)
• Sites with complex content workflows involving unpublished nodes
• Sites requiring accessibility compliance
• High-traffic sites that would benefit from the performance optimizations

As Drupal 7 is approaching its end of life (currently extended to November 2023), site owners should also be planning their migration path to Drupal 9 or 10.

Bug Fixes

Menu Management Fixes

• Fixed issue where administrators couldn't manage menu items pointing to unpublished nodes
• Resolved reordering failures with menus containing more than 100 items
• Fixed handling of forward slashes in filter aliases in URL alias overview

Form and Field Handling

• Fixed issues with "required, multiple" fields in forms
• Resolved notices related to undefined index 'localized_options' in inaccessible menu items
• Fixed W3C validation errors in GET form submit buttons with empty "name" attributes

Content Management

• Fixed issue where deleting a node type would leave orphaned nodes in the database

CSS Processing

• Fixed CSS aggregation stripping essential whitespace within strings
• Disabled brotli compression of pre-compressed CSS and JS files

New Features

New Privacy Protection

• Added Permissions-Policy header to block Google FLoC tracking, enhancing user privacy protection
• Backported server configuration code from SA-CORE-2016-003 to improve security posture

Testing Improvements

• Added option to only print failing tests, making test output more manageable
• Improved WebTestCase performance by approximately 50%, significantly speeding up test runs

Security Updates

Privacy Protection

• Added Permissions-Policy header to block Google FLoC tracking, preventing this privacy-invasive technology from collecting data about site visitors
• Backported server configuration code from SA-CORE-2016-003 to Drupal 7, enhancing overall security posture

Data Integrity

• Fixed issue where deleting a node type would leave orphaned nodes in the database, preventing potential data inconsistencies

Performance Improvements

Query Optimization

• Optimized node access query building for better performance
• Implemented micro-optimizations in drupal_array_get_nested_value() using array_key_exists()
• Added ThemeRegistry array_key_exists() micro-optimization

Testing Performance

• Improved WebTestCase performance by approximately 50%, significantly reducing test execution time

Resource Handling

• Never use aggregation in maintenance mode, preventing potential issues
• Improved handling of CSS aggregation to preserve essential whitespace
• Disabled brotli compression of pre-compressed CSS and JS files to avoid redundant processing

Impact Summary

Drupal 7.81 delivers significant improvements across several key areas:

Privacy and Security: The addition of the Permissions-Policy header to block Google FLoC tracking represents an important step in protecting user privacy. This change prevents Google's cohort-based tracking system from gathering data about your site visitors without consent.

Performance Optimization: Multiple performance improvements have been implemented, including optimized node access query building and a 50% improvement in WebTestCase performance. These changes will result in faster page loads and more efficient development workflows.

Menu Management: Critical fixes to menu handling address long-standing issues with large menus and unpublished content. Site administrators will now be able to properly manage menus with more than 100 items and work with menu items that point to unpublished nodes.

Accessibility: Several accessibility improvements have been made, including better ARIA attributes for autocomplete functionality and fixes for required multiple fields in forms. These changes help sites meet accessibility standards and provide a better experience for all users.

Overall, this release strengthens Drupal 7's foundation with targeted improvements that enhance security, performance, and usability without introducing breaking changes.