fix(OutsideDirective): prevent conflicting events (!4919) · Merge requests · GitLab.org / gitlab-ui

This project is archived. Its data is read-only.

What does this MR do?

fix(OutsideDirective): prevent conflicting events

This fixes an issue where binding the outside directive to an element rendered within a focusable element would cause the directive to fire both for the focusin and the click event when clicking on the element. This could cause some usability issues like non-interactive disclosure dropdowns as clicking on items within the dropdown would be caught as an outside focusin event by the directive.

How to test this?

Apply the following patch

diff --git a/src/components/base/new_dropdowns/disclosure/disclosure_dropdown.stories.js b/src/components/base/new_dropdowns/disclosure/disclosure_dropdown.stories.js
index 2ddc038745..95eeca9847 100644
--- a/src/components/base/new_dropdowns/disclosure/disclosure_dropdown.stories.js
+++ b/src/components/base/new_dropdowns/disclosure/disclosure_dropdown.stories.js
@@ -73,7 +73,10 @@ export const Default = (args, { argTypes }) => ({
   },
   template: `
     <div>
-      ${template()}
+      <button>Focus me!</button>
+      <a href="#">
+        ${template()}
+      </a>
       <gl-tooltip :target="$options.toggleId" placement="right">
         This is a default disclosure
       </gl-tooltip>

Load the story frame at http://localhost:9001/iframe.html?viewMode=story&id=base-dropdown-disclosure-dropdown--default&args=.
Interact with the story by:
- Clicking on the dropdown toggle.
- Clicking within the dropdown.
- Clicking the Focus me button.
- Tabbing through elements.
- Etc.
- A typical bugged behavior would occur when clicking on the dropdown toggle while it's open. Before this fix, the disclosure dropdown would briefly close and immediately re-open because an erroneous focusin event caused it to close, which then let the toggle catch the click event to re-open it. After this fix, the dropdown should close as expected.

Screenshots or screen recordings

Before	After
before	after

Integration merge requests

GitLab: gitlab!177596 (closed)
[-] CustomersDot: mr_url
[-] Status Page: mr_url

Does this MR meet the acceptance criteria?

This checklist encourages the authors, reviewers, and maintainers of merge requests (MRs) to confirm changes were analyzed for conformity with the project's guidelines, security and accessibility.

Toggle the acceptance checklist

Conformity

Code review guidelines.
GitLab UI's contributing guidelines.
If it changes a Pajamas-compliant component's look & feel, the MR has been reviewed by a UX designer.
If it changes GitLab UI's documentation guidelines, the MR has been reviewed by a Technical Writer.
If the MR changes a component's API, integration MR(s) have been opened (see integration merge requests above).
Added the ~"component:*" label(s) if applicable.

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

Label as security and @ mention @gitlab-com/gl-security/appsec
Security reports checked/validated by a reviewer from the AppSec team

Accessibility

If this MR adds or modifies a component, take a few moments to review the following:

All actions and functionality can be done with a keyboard.
Links, buttons, and controls have a visible focus state.
All content is presented in text or with a text equivalent. For example, alt text for SVG, or aria-label for icons that have meaning or perform actions.
Changes in a component’s state are announced by a screen reader. For example, changing aria-expanded="false" to aria-expanded="true" when an accordion is expanded.
Color combinations have sufficient contrast.

Edited Jan 10, 2025 by Paul Gascou-Vaillancourt